12

We're investigating some JDBC issues, and one of the possible problems is /dev/random being exhausted. The workaround is to switch the JVM to using /dev/urandom, but I wan't to try and determine whether or not the /dev/random is being exhausted.

Is there a way to check if the entropy pool is being exhausted? I've gone hunting for nagios plugins and general bash commands, but I've turned up nothing.

Josh Smeaton
  • 1,330
  • 2
  • 19
  • 31

2 Answers2

17

Sure! Ask /proc/sys/kernel/random/entropy_avail.

Shane Madden
  • 112,982
  • 12
  • 174
  • 248
  • But... every time I run that I lose entropy! – Andrew Aug 09 '13 at 02:19
  • @Andrew: There's no reason why you should. – David Schwartz Aug 09 '13 at 02:36
  • @David. Entropy does reduce as you run cat /proc/sys/kernel/random/entropy_avail, but only to a point, it will then level out and hover at around the same level – GeoSword Aug 09 '13 at 08:53
  • Perfect, exactly what I was looking for, cheers. – Josh Smeaton Aug 09 '13 at 14:25
  • I don't know whether this answer ever was correct, but it [does not seem to be for today's kernels](https://security.stackexchange.com/a/127498/165862). `entropy_avail` only measures the size of the input pool, *not* how many bits can be read from `/dev/random`. – leopold.talirz Oct 02 '20 at 21:04
2

as read someplace else... each new process get entropy from /dev/random

a simple way to avoid stealing the pool is a program, such as:

#!/usr/bin/env python

import time

while True:
    with open('/proc/sys/kernel/random/entropy_avail', 'r') as f:
        print(f.read().rstrip())
    time.sleep(1.0)
kasperd
  • 29,894
  • 16
  • 72
  • 122
Guillaume
  • 21
  • 1