Better entropy with haveged

Apr 29, 2014 00:00 · 169 words · 1 minute read link security entropy

Entropy is important for generating good encryption keys. Do you have a busy server relying on crypto, generating keys, you need lot of good entropy. Or if you have a disk less system you don’t get as much entropy from the kernel that you may wish. One way to get a lot of good entropy is to use haveged. Haveged is closer to a TRNG than a PRNG.

Excerpt from havegeds homepage: The haveged project is an attempt to provide an easy-to-use, unpredictable random number generator based upon an adaptation of the HAVEGE algorithm. Haveged was created to remedy low-entropy conditions in the Linux random device that can occur under some workloads, especially on headless servers. Current development of haveged is directed towards improving overall reliablity and adaptability while minimizing the barriers to using haveged for other tasks.

How to install

Install haveged from the repository - and that’s it.

sudo apt-get install haveged

Enjoy fast good entropy. Check your entropy

cat /proc/sys/kernel/random/entropy_avail