On 08/27/2017 03:31 PM, Peter Robinson wrote:
On Sun, Aug 27, 2017 at 6:57 PM, Robert Moskowitz rgm@htt-consult.com wrote:
I use:
cat /proc/sys/kernel/random/entropy_avail
To check on the amount of entropy for creating random stuff like keypairs with openssl or random nonces and keys for TLS..
I am using a Cubieboad2.
With Fedora-Xfce-armhfp-26-1.5-sda.raw.xz I was seeing numbers in the 3,000. I don't have that image running right now to get an actual number.
I just built a system with: Fedora-Server-armhfp-26-1.5-sda.raw.xz
I am seeing numbers only in the mid 800s:
[root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail 866 [root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail 803 [root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail 828
What is different between these two images? It is the same Cubieboard.
Different images have different services enabled by default, is rng-tools intsalled by default on server image?
Just checked and
Package rng-tools-5-9.fc26.armv7hl is already installed
And after running dnf, entropy dropped to 324....
I have also installed rng-tools with some success, but not as much as haveged.
There's a quality difference between HW rng vs haveged which provides entropy but might not be as random as a proper HW rng
I could boot up the workstation Xfce image I have, but I was kind of hoping there was some knowledge here on differences.
Other than workstation running something like haveged, what else could be the source of the entropy difference?
Bob