Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [entropy-pool]

26 questions
38
votes
4 answers

Explain in Plain English about Entropy Available

If I run this command in Ubuntu sudo cat /proc/sys/kernel/random/entropy_avail it returns a number that indicates how much "entropy" is available to the kernel, but that's about all I know. What unit is this entropy measured in? What is it used…
Josh Lindsey
  • 609
  • 1
  • 5
  • 7
12
votes
1 answer

How can I detect incidents of entropy depletion?

I recently had my first encounter with a depleted entropy pool, and I was disappointed to learn that none of the usual system logs were helpful in discovering the problem. After installing CUPS on a new CentOS 6 virtual machine, I tried to connect…
Nic
  • 13,025
  • 16
  • 59
  • 102
12
votes
2 answers

Entropy on virtual machines

As you might know that it's not as easy to generate entropy on a virtual machine as on a "normal" pc. Generating a gpg-key on a virtual machine can take a while, even with the correct tools. There are plenty more crypto functions out there which…
dbanck
  • 403
  • 1
  • 3
  • 9
10
votes
3 answers

How to tell when an Entropy Key is overloaded?

I have several Entropy Keys with egd in front of them and then all load balanced by haproxy. I then have many client machines using the haproxy service IP as a network source of entropy. I have no idea how much entropy they are requesting. The…
grifferz
  • 928
  • 5
  • 13
7
votes
1 answer

How does Apache interpret multiple SSLRandomSeed sources

In my Apache configuration I have these lines: SSLRandomSeed connect builtin SSLRandomSeed connect file:/dev/random SSLRandomSeed connect file:/dev/urandom 1024 How, exactly, does Apache interpret this? Does it first try builtin and then move to…
user35042
  • 2,601
  • 10
  • 32
  • 57
6
votes
2 answers

Do Windows virtual machines suffer from entropy shortage too?

Recently we ran into a problem where one of our Linux-based virtual machines was really slow due to a chronic shortage of "entropy". I'm wondering if Windows virtual machines would suffer from the same problem. (A Google search gave me no relevant…
Stephen C
  • 541
  • 4
  • 18
6
votes
4 answers

How to fix the entropy pool issue with RHEL 5.x

RHEL 5.x has an entropy-generation problem (held-over from kernel 2.4). Following directions from here has produced little-to-no results: How to increase entropy pool on a 2.6 kernel RHEL/Fedora system without keyboard/mouse. A good source of…
warren
  • 17,829
  • 23
  • 82
  • 134
5
votes
0 answers

Low Entropy on Container

I am thinking my entropy level may be low? $ cat /proc/sys/kernel/random/entropy_avail I am around 132-178 on average. Pool size is default 4096 (this is a container on a virtualizer by the way). I also have ran: $ cat /dev/urandom | rngtest -c…
Gordon Snappleweed
  • 75
  • 1
  • 9
5
votes
1 answer

Some questions about kernel.random.* parameters

I'm trying to understand the linux kernel parameters which are under /proc/sys/kernel/random/, but I have some troubles. Could you help me figure some things out? What is the boot_id parameter used for? I found just information it's generated at…
Mikhail Morfikov
  • 906
  • 1
  • 10
  • 12
5
votes
4 answers

Server suddenly running out of entropy

Since a reboot yesterday, one of our virtual servers (Debian Lenny, virtualized with Xen) is constantly running out of entropy, leading to timeouts etc. when trying to connect over SSH / TLS-enabled protocols. Is there any way to check which…
Creshal
  • 269
  • 1
  • 5
  • 16
3
votes
1 answer

Increasing Entropy on CoreOS

I'm trying out coreos on a kubernetes cluster. This setup includes a bind server serving DNSSEC responses. Because of the DNSSEC key management, the bind server uses up all the available entropy and hangs on startup, and takes hours to get enough…
ConnorJC
  • 921
  • 1
  • 7
  • 19
3
votes
1 answer

Distributing entropy to virtual machines

I'm interested in generating secret keys for SSL on virtual machines using true randomness. By true randomness I mean the same level of entropy that can be generated by UNIX's dev/random and entropy gathering daemon (EGD). Is there a "general…
Louis
  • 131
  • 4
3
votes
3 answers

Munin "Available entropy" when using address space layout randomization

Having just configured Munin for statistics logging on my gentoo server (hardened profile), I am noticing that my "Available entropy" is consitently in the 200-300 range. This seems way to low, so I checked it manually using the command $ cat…
Simon Lindgren
  • 264
  • 1
  • 2
  • 9
2
votes
1 answer

Is it safe to use SSH for periodic command execution on remote Server regarding usage of entropy?

I'm planning to set up periodic checks for system health on a multiple remote systems. To achieve this I've set up key-based authentication to execute scripts on remote side without interaction i.e.: ssh -i /path/to/id_rsa -o…
ToastStudios
  • 23
  • 4
2
votes
1 answer

How EJBCA generate private key

I'm looking for the method used by EJBCA to generate the private keys in general (CA, Sub-Ca, certificates...). Let say for instance you want RSA 2048 key size. Is the generation process all done in EJBCA application ? Do they rely on Java EE-based…
Florent
  • 308
  • 2
  • 7
1
2