Difference between revisions of "Haveged"

From ArchWiki
Jump to: navigation, search
(Add category. See Help:Category.)
m (Fix section header level. See Help:Style.)
Line 2: Line 2:
 
The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers.[http://www.issihosts.com/haveged/]
 
The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers.[http://www.issihosts.com/haveged/]
  
=List available entropy=
+
==List available entropy==
 
If you're not sure, whether you need haveged, run:
 
If you're not sure, whether you need haveged, run:
 
  # cat /proc/sys/kernel/random/entropy_avail
 
  # cat /proc/sys/kernel/random/entropy_avail
Line 10: Line 10:
 
You should use this command again to verify how much haveged boosted your entropy pool after the installation.
 
You should use this command again to verify how much haveged boosted your entropy pool after the installation.
  
=Installation=
+
==Installation==
 
Install the package as usually with pacman:
 
Install the package as usually with pacman:
 
  # pacman -Sy haveged
 
  # pacman -Sy haveged

Revision as of 01:48, 24 October 2012

The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers.[1]

List available entropy

If you're not sure, whether you need haveged, run:

# cat /proc/sys/kernel/random/entropy_avail

This command shows you how much entropy your server has collected. If it is rather low (<1000), you should probably install haveged. Otherwise cryptographic applications will block until there is enough entropy available, which eg. could result in slow wlan speed, if your server is a Software Access Point.

You should use this command again to verify how much haveged boosted your entropy pool after the installation.

Installation

Install the package as usually with pacman:

# pacman -Sy haveged

systemd

To start the service once, run:

# systemctl start haveged.service

You'll probably want it to run everytime your server boots up, so run:

# systemctl enable haveged.service

SysV init system

Run it once:

# /etc/rc.d/haveged start

To start the daemon every time you boot up, add

haveged

to your daemons array in rc.conf.