Networking

Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.

Applications

Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.

Data

Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.

Monitoring

Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Security

Increasing Entropy Pool in Linux

Submitted by on June 28, 2016 – 9:48 pm

The pool of random numbers in Linux is derived primarily from user interaction (keystrokes and mouse movement). A server does not have such a source and the random pool may start running low, especially during periods of low system activity. This negatively affects security of many system services that use cryptography, making them more predictable.

One available solution is the haveged daemon that works to maintain the pool of random numbers at a healthy level (considered to be 200 at the very minimum). The daemon is easy enough to install:

yum -y install haveged
chkconfig haveged on
service haveged start

Below is an illustration of the difference this utility makes:

haveged_001

Print Friendly, PDF & Email

Leave a Reply