Re: 15 second delay during login
On Tue, 04 Jul 2006, martin f krafft wrote:
> also sprach Alexander Reelsen <alr@emplify.de> [2006.07.04.1247 +0200]:
> > > Is there anything else you'd say I should check?
> > You can check the available entropy via sysctl
>
> cat /proc/sys/kernel/random/entropy_avail
> 1
>
> Mh. Looks like Stephen was right after all.
>
> So what now? And why does this even concern me, as /dev/random is
> never used...?
Does cat /dev/urandom blocks at all? If you *really* want to be sure
nothing is using /dev/random behind your back, temporarily move it out of
the way and make it the same as /dev/urandom.
Emptying the /dev/random pool causes trouble for the kernel itself,
including slowdown of TCP. You can use rngtools in Debian and a source of
entropy (local or in the network with the help of a ssh tunnel) to fix the
issue once and for all.
A cheap VIA Nehemiah box can give you about 2Mbit/s *sustained* stream of
random bits with H>0.9 using the rngtools in Debian experimental, and it is
trivial to pipe that to the network using ssh or netcat (do this over netcat
only if your LAN is safe from eavesdroping or if you further post-process the
random stream).
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: