Questions tagged [entropy-pool]
26 questions
38
votes
4 answers
Explain in Plain English about Entropy Available
If I run this command in Ubuntu
sudo cat /proc/sys/kernel/random/entropy_avail
it returns a number that indicates how much "entropy" is available to the kernel, but that's about all I know. What unit is this entropy measured in? What is it used…
![](../../users/profiles/36088.webp)
Josh Lindsey
- 609
- 1
- 5
- 7
12
votes
1 answer
How can I detect incidents of entropy depletion?
I recently had my first encounter with a depleted entropy pool, and I was disappointed to learn that none of the usual system logs were helpful in discovering the problem.
After installing CUPS on a new CentOS 6 virtual machine, I tried to connect…
![](../../users/profiles/23300.webp)
Nic
- 13,025
- 16
- 59
- 102
12
votes
2 answers
Entropy on virtual machines
As you might know that it's not as easy to generate entropy on a virtual machine as on a "normal" pc.
Generating a gpg-key on a virtual machine can take a while, even with the correct tools.
There are plenty more crypto functions out there which…
![](../../users/profiles/98779.webp)
dbanck
- 403
- 1
- 3
- 9
10
votes
3 answers
How to tell when an Entropy Key is overloaded?
I have several Entropy Keys with egd in front of them and then all load balanced by haproxy. I then have many client machines using the haproxy service IP as a network source of entropy. I have no idea how much entropy they are requesting.
The…
![](../../users/profiles/71071.webp)
grifferz
- 928
- 5
- 13
7
votes
1 answer
How does Apache interpret multiple SSLRandomSeed sources
In my Apache configuration I have these lines:
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/random
SSLRandomSeed connect file:/dev/urandom 1024
How, exactly, does Apache interpret this? Does it first try builtin and then move to…
![](../../users/profiles/35042.webp)
user35042
- 2,601
- 10
- 32
- 57
6
votes
2 answers
Do Windows virtual machines suffer from entropy shortage too?
Recently we ran into a problem where one of our Linux-based virtual machines was really slow due to a chronic shortage of "entropy".
I'm wondering if Windows virtual machines would suffer from the same problem. (A Google search gave me no relevant…
![](../../users/profiles/20362.webp)
Stephen C
- 541
- 4
- 18
6
votes
4 answers
How to fix the entropy pool issue with RHEL 5.x
RHEL 5.x has an entropy-generation problem (held-over from kernel 2.4). Following directions from here has produced little-to-no results:
How to increase entropy pool on a 2.6 kernel RHEL/Fedora system without keyboard/mouse.
A good source of…
![](../../users/profiles/2321.webp)
warren
- 17,829
- 23
- 82
- 134
5
votes
0 answers
Low Entropy on Container
I am thinking my entropy level may be low?
$ cat /proc/sys/kernel/random/entropy_avail
I am around 132-178 on average. Pool size is default 4096 (this is a container on a virtualizer by the way).
I also have ran:
$ cat /dev/urandom | rngtest -c…
![](../../users/profiles/279772.webp)
Gordon Snappleweed
- 75
- 1
- 9
5
votes
1 answer
Some questions about kernel.random.* parameters
I'm trying to understand the linux kernel parameters which are under /proc/sys/kernel/random/, but I have some troubles. Could you help me figure some things out?
What is the boot_id parameter used for? I found just information it's generated at…
![](../../users/profiles/206512.webp)
Mikhail Morfikov
- 906
- 1
- 10
- 12
5
votes
4 answers
Server suddenly running out of entropy
Since a reboot yesterday, one of our virtual servers (Debian Lenny, virtualized with Xen) is constantly running out of entropy, leading to timeouts etc. when trying to connect over SSH / TLS-enabled protocols. Is there any way to check which…
![](../../users/profiles/74207.webp)
Creshal
- 269
- 1
- 5
- 16
3
votes
1 answer
Increasing Entropy on CoreOS
I'm trying out coreos on a kubernetes cluster. This setup includes a bind server serving DNSSEC responses. Because of the DNSSEC key management, the bind server uses up all the available entropy and hangs on startup, and takes hours to get enough…
![](../../users/profiles/304346.webp)
ConnorJC
- 921
- 1
- 7
- 19
3
votes
1 answer
Distributing entropy to virtual machines
I'm interested in generating secret keys for SSL on virtual machines using true randomness. By true randomness I mean the same level of entropy that can be generated by UNIX's dev/random and entropy gathering daemon (EGD).
Is there a "general…
![](../../users/profiles/65866.webp)
Louis
- 131
- 4
3
votes
3 answers
Munin "Available entropy" when using address space layout randomization
Having just configured Munin for statistics logging on my gentoo server (hardened profile), I am noticing that my "Available entropy" is consitently in the 200-300 range. This seems way to low, so I checked it manually using the command
$ cat…
![](../../users/profiles/37733.webp)
Simon Lindgren
- 264
- 1
- 2
- 9
2
votes
1 answer
Is it safe to use SSH for periodic command execution on remote Server regarding usage of entropy?
I'm planning to set up periodic checks for system health on a multiple remote systems. To achieve this I've set up key-based authentication to execute scripts on remote side without interaction
i.e.:
ssh -i /path/to/id_rsa -o…
![](../../users/profiles/538368.webp)
ToastStudios
- 23
- 4
2
votes
1 answer
How EJBCA generate private key
I'm looking for the method used by EJBCA to generate the private keys in general (CA, Sub-Ca, certificates...).
Let say for instance you want RSA 2048 key size.
Is the generation process all done in EJBCA application ?
Do they rely on Java EE-based…
![](../../users/profiles/348334.webp)
Florent
- 308
- 2
- 7