On 05/27/2017 08:32 PM, Robert Moskowitz wrote:
On 05/26/2017 08:35 PM, Leon Fauster wrote:
Am 27.05.2017 um 01:09 schrieb Robert Moskowitz <r...@htt-consult.com>:
I am use to low random entropy on my arm boards, not an intel.
On my Lenovo x120e,
cat /proc/sys/kernel/random/entropy_avail
reports 3190 bits of entropy.
On my armv7 with Centos7 I would get 130 unless I installed rng-tools
and then I get ~1300. SSH into one and it drops back to 30! for a
few minutes. Sigh.
Anyway on my new Zotac nano ad12 with an AMD E-1800 duo core, I am
seeing 180.
I installed rng-tools and no change. Does anyone here know how to
improve the random entropy?
http://issihosts.com/haveged/
EPEL: yum install haveged
WOW!!!
installed, enabled, and started.
Entropy jumped from ~130 bits to ~2000 bits
thanks
Note to anyone running a web server, or creating certs. You need
entropy. Without it your keys are weak and attackable. Probably even
known already.
Indeed. Installing haveged is the first thing I do when setting up a new
CentOS 7 machine.
Rebooting and verifying it starts on boot is the second.
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
