On 08/27/2017 04:25 PM, Robert Moskowitz wrote:
On 08/27/2017 04:08 PM, Peter Robinson wrote:
On Sun, Aug 27, 2017 at 8:59 PM, Robert Moskowitz
<rgm@xxxxxxxxxxxxxxx> wrote:
On 08/27/2017 03:31 PM, Peter Robinson wrote:
On Sun, Aug 27, 2017 at 6:57 PM, Robert Moskowitz
<rgm@xxxxxxxxxxxxxxx>
wrote:
I use:
cat /proc/sys/kernel/random/entropy_avail
To check on the amount of entropy for creating random stuff like
keypairs
with openssl or random nonces and keys for TLS..
I am using a Cubieboad2.
With Fedora-Xfce-armhfp-26-1.5-sda.raw.xz I was seeing numbers in the
3,000.
I don't have that image running right now to get an actual number.
I just built a system with: Fedora-Server-armhfp-26-1.5-sda.raw.xz
I am seeing numbers only in the mid 800s:
[root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail
866
[root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail
803
[root@C2 ~]# cat /proc/sys/kernel/random/entropy_avail
828
What is different between these two images? It is the same
Cubieboard.
Different images have different services enabled by default, is
rng-tools intsalled by default on server image?
Just checked and
Package rng-tools-5-9.fc26.armv7hl is already installed
And after running dnf, entropy dropped to 324....
I have also installed rng-tools with some success, but not as much as
haveged.
There's a quality difference between HW rng vs haveged which provides
entropy but might not be as random as a proper HW rng
I could boot up the workstation Xfce image I have, but I was kind of
hoping
there was some knowledge here on differences.
Other than workstation running something like haveged, what else
could be
the source of the entropy difference?
Different services consuming the available entropy
OK. that is the basic answer. This is the minimal server. There are
no connections to it. I am using the serial console. It does have
cockpit running by default, but I would hope that is idling and not
eating up things like resources. I should probably disable it, as it
is not something I would use.
Any idea on how I can figure out what is consuming the entropy?
My minimal Centos7-arm images have ~2500 for the entropy value.
Don't think it should be cockpit:
# systemctl status cockpit
● cockpit.service - Cockpit Web Service
Loaded: loaded (/usr/lib/systemd/system/cockpit.service; static;
vendor prese
Active: inactive (dead)
Docs: man:cockpit-ws(8)
_______________________________________________
arm mailing list -- arm@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to arm-leave@xxxxxxxxxxxxxxxxxxxxxxx