Contact SalesSitemapCustomer Login

Go Back   VPSlink Forums > Operating Systems > Gentoo
/dev/random entropy /dev/random entropy
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1 (permalink)  
Old 07-08-2007, 04:36 AM
Junior Member
  
Join Date: Jul 2007
Posts: 6
Default /dev/random entropy
I was wondering if anyone has experienced problems with /dev/random running out of entropy.

I have had problems with apache blocking for long periods of time with this log message:
Digest: generating secret for digest authentication ...
which i found out from raptorized.com/?p=70 was due to /dev/random not having enough entropy.

I ended up using lighttpd instead, so this isn't a problem, but now I am trying to use dkfilter and it is blocking for long periods of time. I think its the same problem, dkfilter or perl is blocking on /dev/random. Has anyone experienced a similar situation?

Brian
Reply With Quote
  #2 (permalink)  
Old 07-08-2007, 08:07 AM
Member
  
Join Date: May 2007
Posts: 59
Default
My dropbear sshd has been complaining about a lack of entropy in Debian... hasn't seemed to cause any serious problems, just a few extra log entrys when I try to login. I suppose if there were more ssh users than just myself though it might become a problem. Though looking closer at the logs, it appears that this could be causing some logins to take around 10sec from the point of the entropy message being generated, to the point of successful pubkey message... not good :/

Quote:
Warning: Reading the random source seems to have blocked. If you experience problems, you probably need to find a better entropy source.
Reply With Quote
  #3 (permalink)  
Old 07-09-2007, 08:10 PM
Administrator
  
Join Date: Oct 2006
Posts: 59
Default
This problem is the result of having multiple servers using up all of the entropy on the server. The recommended fix is to make your applications use /dev/urandom as a source of entropy. If your application does not allow you to set the source of entropy manually, Then you will have move /dev/random to a backup, and symlink /dev/random to /dev/urandom like so:

mv /dev/random /dev/chaos
ln -s /dev/urandom /dev/random

Max V.
VPSLink Support
Reply With Quote
  #4 (permalink)  
Old 03-13-2008, 09:19 AM
Junior Member
  
Join Date: Mar 2008
Posts: 1
Default
Perhaps this should say "workaround" rather than "fix". A fix is a lot harder. One way (in the short term) is to install a daemon feeding data from a microphone into /dev/random - many computers have a microphone built in somewhere or other, even if you never needed one. Fundamentally, it's a problem with how /dev/random is implemented and used - entropy runs out far too quickly.

(sorry to add this note so long after the question! but perhaps it will be useful to people stumbling onto this page.)
Reply With Quote
  #5 (permalink)  
Old 03-13-2008, 11:09 AM
Senior Member
  
Join Date: Nov 2006
Location: Ukraine
Posts: 134
Default
I'm pretty sure there are no microphones in servers
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT. The time now is 07:09 AM.

VPSlink Forums - Top

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.2.0

Copyright © 2008 - 2009 VPSLink, a subsidiary of Spry