The pool of random numbers in Linux is derived primarily from user interaction (keystrokes and mouse movement). A server does not have such a source and the random pool may start running low, especially during periods of low system activity. This negatively affects security of many system services that use cryptography, making them more predictable.

One available solution is the haveged daemon that works to maintain the pool of random numbers at a healthy level (considered to be 200 at the very minimum). The daemon is easy enough to install:

Below is an illustration of the difference this utility makes:

haveged_001

Leave A Reply

Please enter your comment!
Please enter your name here