Random Entropy
Random entropy is used for all kinds of things on a Linux server. You need enough of it for pretty much everything to work, that is, to be able to generate sufficiently random numbers. On a VPS, it can be difficult to have enough events to generate sufficient entropy. A server that does a lot of crypto functions can also exhaust its entropy, even if it is bare-metal. To get around this, there are a couple of daemons that can be installed.
Query the amount of random entropy available on a system:
$ cat /proc/sys/kernel/random/entropy_avail
3120
If this number is low (less than 2000), you really don't have enough entropy available to do things like SSL or SSH connections. On a VPS, this is usually quite a problem.
To solve this issue, there are a couple of options. Only one of these should be on a system.
- rng-tools
  - This is the best option, if it's available. You can check to see if your CPU has support for it by running
    grep rdrand /proc/cpuinfo
    If the list of flags is returned, you have inbuilt support available. Alternatively, there might be a hardware device provided on /dev/hwrng.
    To install rngd, do the normal
    apt-get install rng-tools
- haveged
  - The haveged daemon uses the HAVEGE algorithm to feed entropy into the system. This is based on extracting randomness from the other operations the CPU is doing while executing the other machines on the same metal.
    apt-get install haveged
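
The checks above combined into one script, as an added example (not part of the original page). The function names are made up for illustration, and the file paths are passed as parameters so the logic can be tried on constructed sample files as well as on the real /proc entries.

```shell
#!/bin/sh
# Added example: report whether the entropy counter is low and which ONE
# daemon fits this machine, following the rules described in the text.

LOW_WATER=2000   # threshold quoted in the text above

# Prints "low", "ok" or "unknown" for the counter stored in file $1.
entropy_status() {
    avail=$(cat "$1" 2>/dev/null) || avail=""
    case "$avail" in
        ''|*[!0-9]*) echo "unknown"; return 0 ;;   # unreadable or not a number
    esac
    if [ "$avail" -lt "$LOW_WATER" ]; then
        echo "low"
    else
        echo "ok"
    fi
}

# Prints the single daemon to install.
#   $1 = cpuinfo file to search for the rdrand flag
#   $2 = path of the hardware RNG device
# rng-tools is chosen when either source exists, haveged otherwise.
pick_daemon() {
    if grep -qw rdrand "$1" 2>/dev/null || [ -e "$2" ]; then
        echo "rng-tools"
    else
        echo "haveged"
    fi
}

# Run against the live system.
status=$(entropy_status /proc/sys/kernel/random/entropy_avail)
echo "entropy: $status"
if [ "$status" = "low" ]; then
    echo "suggested daemon: $(pick_daemon /proc/cpuinfo /dev/hwrng)"
fi
```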