[clug] entropy

Kim Holburn kim.holburn at anu.edu.au
Sat Aug 30 08:55:44 EST 2003


We've been having an odd problem recently.  We've narrowed down what the problem is and it's even weirder.  We run a number of small servers that offer just 1 or 2 services.  Because they are servers, they have no keyboard or mouse, and because they are so specialised we don't log in very much, so there is little human interaction.  They appear to run out of entropy very quickly (is that how you say it?).  The entropy pool is very small and /dev/random can block for a long time.  Entropy is of course needed for things like ssh, not to mention TCP streams.

Apparently the consensus is that you can't use the network device for entropy "because an attacker might potentially control input and make it non-random".  Is this possible?  I don't know.

Anyway, one option which we might use is to attach microphones and use the sound to create entropy using audio-entropyd.

Has anyone else gone through something similar?

When I talked about this to someone who doesn't know much about computers they looked at me very strangely ;-)

Kim Holburn  
Network Consultant - Telecommunications Engineering
Research School of Information Sciences and Engineering
Australian National University - Ph: +61 2 61258620 M: +61 0417820641
Email: kim.holburn at anu.edu.au  - PGP Public Key on request

Life is complex - It has real and imaginary parts.
     Andrea Leistra (rec.arts.sf.written.Robert-jordan)
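
A way to confirm the symptom described in the message above on a headless Linux box, as an added example that is not part of the original post: it reads the kernel's entropy estimate and then attempts a short read from /dev/random with a deadline, so the check itself cannot hang. The function names, the 16-byte request and the 2-second timeout are assumptions chosen for illustration.

```python
import os
import select
import time

PROC_RANDOM = "/proc/sys/kernel/random"  # Linux kernel's view of the pool


def pool_status(proc_dir=PROC_RANDOM):
    """Read the kernel's entropy estimate and pool size.

    entropy_avail is in bits; poolsize is in bytes on 2.4 kernels and
    in bits on 2.6 and later, so the raw numbers are returned unscaled.
    """
    status = {}
    for name in ("entropy_avail", "poolsize"):
        with open(os.path.join(proc_dir, name)) as fh:
            status[name] = int(fh.read().strip())
    return status


def timed_read(device="/dev/random", nbytes=16, timeout=2.0):
    """Try to read nbytes from device without hanging the caller.

    Returns (bytes_obtained, seconds_elapsed). Fewer bytes than requested
    means the device could not deliver them within the timeout.
    """
    fd = os.open(device, os.O_RDONLY | os.O_NONBLOCK)
    start = time.monotonic()
    got = 0
    try:
        while got < nbytes:
            remaining = timeout - (time.monotonic() - start)
            if remaining <= 0:
                break
            ready, _, _ = select.select([fd], [], [], remaining)
            if not ready:
                break  # nothing readable before the deadline
            try:
                chunk = os.read(fd, nbytes - got)
            except BlockingIOError:
                continue  # pool drained between select() and read()
            if not chunk:
                break  # end of file (only a regular file used for testing)
            got += len(chunk)
    finally:
        os.close(fd)
    return got, time.monotonic() - start


if __name__ == "__main__":
    print("pool:", pool_status())
    got, elapsed = timed_read()
    print(f"/dev/random gave {got}/16 bytes in {elapsed:.2f}s")
```

On kernels from 5.6 onward /dev/random blocks only until the pool is first initialised, so a short read there normally completes at once.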
