> Hi,
>
> I've discovered an issue which I don't understand. On a new test install
> of EL9 I saw this message in the logs:
>
> Mar 01 08:09:18 <hostname> pcp-pmie[2870]: Low random number entropy
> available 15.6%avail@<hostname>
>
> This is on a 64 core "AMD Opteron(tm) Processor 6282 SE" server but I also
> got the same low entropy on an EL9 KVM guest running on a "AMD EPYC 7601"
> server.
The simple fix here is to install rng-tools and start rngd. Starting from
when rngd was started, the available entropy still doesn't go higher than
256 but also didn't get lower.
So, why is rng-tools not installed by default, at least on a server
install? I've asked you.com about this and the answer is interesting
Q: why does rhel9 not install rng-tools by default
A: RHEL 9 does not install the rng-tools package by default because it is
not necessary for most users. The Linux kernel now uses hardware random
number generators (RNGs) to generate random numbers, which provides enough
entropy for most applications. For applications that require more entropy,
users can choose to install the rng-tools package if necessary.
Indeed, this was discussed here
https://bugzilla.redhat.com/show_bug.cgi?id=1888695 but why do I see
available entropy being low on my freshly installed systems?
I start to believe that at least AMD EPYC based servers without TPM module
(yes, we order our server without TPM) will not work well without rngd
running. If that's the case, then it wasn't a good idea to remove
rng-tools from server installs IMHO.
Simon
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
