haveged (a simple entropy-gathering daemon)
The haveged project is an attempt to provide an easy-to-use, unpredictable
random number generator based upon an adaptation of the HAVEGE algorithm.
Haveged was created to remedy low-entropy conditions in the Linux random
device that can occur under some workloads, especially on headless servers.
The HAVEGE algorithm is based upon the indirect effects of unrelated hardware
events on the instruction timing of a calculation that is sensitive to
processor features such as branch predictors and instruction/data access
mechanisms.
Samples from a high-resolution timer are input into the algorithm to
produce a stream of random data in a collection buffer. The contents of this
buffer can be fed into the random device or accessed directly through the
file system. File system access is a useful alternative to those situations
where use of the random device is either inappropriate or not available.
Add the following snippet to your /etc/rc.d/rc.M to start up haveged at boot:
# Starting HAVEGED entropy daemon
if [ -x /etc/rc.d/rc.haveged ]; then
/etc/rc.d/rc.haveged start
fi
You can see how many bits of entropy are available to the system by reading
the /proc/sys/kernel/random/entropy_avail file, and check the size of your
entropy pool at /proc/sys/kernel/random/poolsize.