Originally published June 28, 2016 @ 11:23 am
The pool of random numbers in Linux is derived primarily from user interaction (keystrokes and mouse movement). A server does not have such a source, and the random pool may start running low, especially during periods of low system activity. This negatively affects the security of many system services that use cryptography, making them more predictable.
One available solution is the haveged daemon that works to maintain the pool of random numbers at a healthy level (considered to be 200 at the very minimum). The daemon is easy enough to install:
yum -y install haveged
chkconfig haveged on
service haveged start
Below is an illustration of the difference this utility makes:
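To measure the difference on your own server, the following added example (not part of the original post) samples the kernel's entropy estimate and flags readings below the 200 minimum mentioned above. The function name entropy_sample and the ENTROPY_FILE and ENTROPY_MIN variables are assumptions made for this example; the /proc path is the standard kernel interface.

```shell
#!/bin/sh
# Added example (not from the original post). ENTROPY_FILE and ENTROPY_MIN are
# overridable so the function can be pointed at a test file.
ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"
ENTROPY_MIN="${ENTROPY_MIN:-200}"   # minimum healthy level quoted in the post

# entropy_sample [COUNT] [INTERVAL_SECONDS]
# Prints "min=N avg=N max=N low=K", where K is the number of samples below
# ENTROPY_MIN. Returns 0 if no sample was low, 1 if any was, 2 on a read error.
entropy_sample() {
    count="${1:-5}"
    interval="${2:-1}"
    min=""; max=0; sum=0; low=0; i=0
    while [ "$i" -lt "$count" ]; do
        # A missing file or a non-numeric value is an error, not "zero entropy".
        val=$(cat "$ENTROPY_FILE" 2>/dev/null) || return 2
        case "$val" in
            ''|*[!0-9]*) return 2 ;;
        esac
        if [ -z "$min" ] || [ "$val" -lt "$min" ]; then min=$val; fi
        if [ "$val" -gt "$max" ]; then max=$val; fi
        if [ "$val" -lt "$ENTROPY_MIN" ]; then low=$((low + 1)); fi
        sum=$((sum + val))
        i=$((i + 1))
        if [ "$i" -lt "$count" ]; then sleep "$interval"; fi
    done
    [ "$i" -gt 0 ] || return 2
    echo "min=$min avg=$((sum / i)) max=$max low=$low"
    [ "$low" -eq 0 ]
}

# Typical use: compare a run taken before starting haveged with one taken after.
#   entropy_sample 10 1 || echo "entropy pool dipped below $ENTROPY_MIN"
```

On kernels 5.18 and later this file reports a fixed 256 once the generator is initialized, so the check is informative mainly on older kernels such as the ones this post targets.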