Entropy and Linux systems

Java uses random numbers when encrypting data. In Linux, they are pulled from /dev/random, which is populated by interactions with the computer (mouse movement, keyboard presses, etc). With a Linux headless system (no interactive UI), these interactions rarely happen, which means it is more likely the Cleo Java processes will use up all the random numbers in /dev/random. In this case, calls to get a random number are blocked until there are more random numbers available and the overall effect is that the Linux machine will run slowly.

The rngd utility uses /dev/urandom to help seed /dev/random and keep it populated even when using many random numbers.

To check available entropy, use the following command: 

cat /proc/sys/kernel/random/entropy_avail

RedHat 6/CentOS 6

Use rngd to create entropy for RedHat 6/CentOS 6 systems:

Install rngd if not already present 

yum -y install rng-tools

Run the following command and edit the file as shown: 

nano /etc/sysconfig/rngd

    #include the following statement to feed urandom from random every 5 seconds 
     EXTRAOPTIONS="-r /dev/urandom -o /dev/random -t 5" 

service rngd 
start chkconfig rngd on

RedHat 7/CentOS 7

Use rngd to create entropy for RedHat 7/CentOS 7 systems. Install rngd if not already present. 

yum -y install rng-tools

Run the following command to create service file: 

systemctl start rngd

Run the following command and edit the file as shown: 

nano /usr/lib/systemd/system/rngd.service 

    #add the following statement 
     ExecStart=/sbin/rngd -f -r /dev/urandom 

systemctl daemon-reload 
systemctl start rngd 
systemctl status rngd

Ubuntu Linux

Use rngd to create entropy for Ubuntu Linux systems. Install rngd-tools if not already present. 

sudo apt-get install rng-tools

Run the following command and edit the file as shown: 

sudo nano /etc/default/rng-tools 
    #add the following statement 
     HRNGDEVICE=/dev/urandom 
sudo /etc/init.d/rng-tools restart