Difference between revisions of "OS/Entropy"
From Observer GigaFlow Support | VIAVI Solutions Inc.
Kevin Wilkie (Talk | contribs) |
Kevin Wilkie (Talk | contribs) |
||
Line 2: | Line 2: | ||
cat /proc/sys/kernel/random/entropy_avail | cat /proc/sys/kernel/random/entropy_avail | ||
− | If necessary, install rng tools and start, then recheck entropy | + | If necessary (available < 1000), install rng tools and start, then recheck entropy |
yum -y install rng-tools | yum -y install rng-tools | ||
systemctl start rngd | systemctl start rngd | ||
Line 16: | Line 16: | ||
Active: '''failed''' (Result: exit-code) since Wed 2016-11-09 09:40:02 GMT; 1min 23s ago | Active: '''failed''' (Result: exit-code) since Wed 2016-11-09 09:40:02 GMT; 1min 23s ago | ||
Main PID: 12778 (code=exited, status=1/FAILURE) | Main PID: 12778 (code=exited, status=1/FAILURE) | ||
+ | |||
+ | Edit the service unit file: /usr/lib/systemd/system/rngd.service. | ||
+ | The ExecStart line should be edited so that it reads as in the following: | ||
+ | ExecStart=/sbin/rngd -f -r /dev/urandom | ||
+ | |||
+ | Now, restart and check the the service | ||
+ | systemctl daemon-reload | ||
+ | systemctl start rngd | ||
+ | systemctl status rngd | ||
+ | |||
+ | Output should look similar to the following: | ||
+ | â rngd.service - Hardware RNG Entropy Gatherer Daemon | ||
+ | Loaded: loaded (/usr/lib/systemd/system/rngd.service; enabled; vendor preset: enabled) | ||
+ | Active: '''active''' (running) since Wed 2016-11-09 09:44:14 GMT; 2s ago | ||
+ | Main PID: 12858 (rngd) | ||
+ | CGroup: /system.slice/rngd.service | ||
+ | ââ12858 /sbin/rngd -f -r /dev/urandom | ||
+ | |||
+ | Recheck the available entropy (should be > 1000) |
Latest revision as of 09:45, 9 November 2016
Check Entropy Figure
cat /proc/sys/kernel/random/entropy_avail
If necessary (available < 1000), install rng tools and start, then recheck entropy
yum -y install rng-tools systemctl start rngd systemctl enable rngd
Check the status of rngd
systemctl status rngd
If you see a failure
rngd.service - Hardware RNG Entropy Gatherer Daemon Loaded: loaded (/usr/lib/systemd/system/rngd.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Wed 2016-11-09 09:40:02 GMT; 1min 23s ago Main PID: 12778 (code=exited, status=1/FAILURE)
Edit the service unit file: /usr/lib/systemd/system/rngd.service. The ExecStart line should be edited so that it reads as in the following:
ExecStart=/sbin/rngd -f -r /dev/urandom
Now, restart and check the the service
systemctl daemon-reload systemctl start rngd systemctl status rngd
Output should look similar to the following: â rngd.service - Hardware RNG Entropy Gatherer Daemon
Loaded: loaded (/usr/lib/systemd/system/rngd.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2016-11-09 09:44:14 GMT; 2s ago Main PID: 12858 (rngd) CGroup: /system.slice/rngd.service ââ12858 /sbin/rngd -f -r /dev/urandom
Recheck the available entropy (should be > 1000)