Difference between revisions of "Haveged"

From ArchWiki
Jump to: navigation, search
(Created page with "The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to rem...")
 
m
Line 2: Line 2:
  
 
=List available entropy=
 
=List available entropy=
If you aren't sure, whether you need haveged, run:
+
If you're not sure, whether you need haveged, run:
 
  # cat /proc/sys/kernel/random/entropy_avail
 
  # cat /proc/sys/kernel/random/entropy_avail
 
This command shows you how much entropy your server has collected.
 
This command shows you how much entropy your server has collected.

Revision as of 11:08, 23 October 2012

The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers.[1]

List available entropy

If you're not sure, whether you need haveged, run:

# cat /proc/sys/kernel/random/entropy_avail

This command shows you how much entropy your server has collected. If it is rather low (<1000), you should probably install haveged. Otherwise cryptographic applications will block until there is enough entropy available, which eg. could result in slow wlan speed, if your server is a Software Access Point.

You should use this command again to verify how much haveged boosted your entropy pool after the installation.

Installation

Install the package as usually with pacman:

# pacman -Sy haveged

systemd

To start the service once, run:

# systemctl start haveged.service

You'll probably want it to run everytime your server boots up, so run:

# systemctl enable haveged.service

SysV init system

Run it once:

# /etc/rc.d/haveged start

To start the daemon every time you boot up, add

haveged

to your daemons array in rc.conf.