summaryrefslogtreecommitdiff
path: root/system/haveged/README
blob: dee52968a6f602023ab53ce0cbcd1b165d6e3e9a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
haveged (a simple entropy-gathering daemon)

The haveged project is an attempt to provide an easy-to-use, unpredictable
random number generator based upon an adaptation of the HAVEGE algorithm.
Haveged was created to remedy low-entropy conditions in the Linux random device
that can occur under some workloads, especially on headless servers.

The HAVEGE algorithm is based upon the indirect effects of unrelated hardware
events on the instruction timing of a calculation that is sensitive to processor
features such as branch predictors and instruction/data access mechanisms.
Samples from a high-resolution timer are input into the algorithm to
produce a stream of random data in a collection buffer. The contents of this
buffer can be fed into the random device or accessed directly through the file
system. File system access is a useful alternative to those situations where
use of the random device is either inappropriate or not available.

Add the following snippet to your /etc/rc.d/rc.M to start up haveged at boot:

# Starting HAVEGED entropy daemon
if [ -x /etc/rc.d/rc.haveged ]; then
  /etc/rc.d/rc.haveged start
fi

You can see how many bits of entropy are available to the system by reading the
/proc/sys/kernel/random/entropy_avail file, and check the size of your entropy
pool at /proc/sys/kernel/random/poolsize.