Lousy entropy - on all my TW installs

English Install/Boot/Login
#1

Hi!

I wanted to generate some keys and checked entropy first

 cat /proc/sys/kernel/random/entropy_avail
256

…and I checked on a total of 5 different TW installs with totally different hardware, uptime etc. they are all at 256 (which should be at least 1000).

What’s going on here? How to improve that?

#2

Hi
See https://lore.kernel.org/lkml/20220527084855.501642285@linuxfoundation.org/

#3

Nice wall of ASCII text, would you mind providing the key message? I had nice entropy of 1800 to 2600 in the past on my TWs…

#4

Hi
The code changed to a different method, more secure and better performance, 256 is the default now…

#5

Ok, many thanks! Any idea how to increase this default, even if it’s only for my personal well-being?

#6

Hi
I would assume you can echo > xxxx to it?

#7

And documentation for “it”? :slight_smile:

I really only need some good keys, not hours in crypto stuff…

#8

https://docs.kernel.org/admin-guide/sysctl/kernel.html#random


/sbin/sysctl kernel.random.entropy_availkernel.random.entropy_avail = 256

For example add to a file called say /etc/sysctl.d/98-random.conf

#9

Many thanks for helping out so far, but I’m to dumb (again…) to make this work:

sudo echo /proc/sys/kernel/random/write_wakeup_threshold -> 1024 
cat /proc/sys/kernel/random/write_wakeup_threshold 
256

and

sudo /sbin/sysctl kernel.random.entropy_avail = 1024 
kernel.random.entropy_avail = 256 
sysctl: malformed setting "=" 
sysctl: cannot stat /proc/sys/1024: No such file or directory

How to make this work? :frowning:

… I found this here

https://www.zx2c4.com/projects/linux-rng-5.17-5.18/inside-linux-kernel-rng-presentation-sept-13-2022.pdf

…but doesn’t help me much.

#10

Hi
Some system variables are not writable, guess this now falls into this category…


t-kglh3:~ # echo 1024 >> /proc/sys/kernel/random/write_wakeup_threshold 

t-kglh3:~ # sysctl kernel.random.write_wakeup_threshold 

kernel.random.write_wakeup_threshold = 1024

t-kglh3:~ # sysctl -w kernel.random.write_wakeup_threshold=2024 

kernel.random.write_wakeup_threshold = 2024

t-kglh3:~ # sysctl kernel.random.write_wakeup_threshold 

kernel.random.write_wakeup_threshold = 2024
#11

So somebody decided that linux doesn’t “need” more than 256 bit entropy anymore? srsly?

#12

Hi
Go read the reasons why it changed.

#13

How dare you ask him to read

rotfl!

#14

Sorry, this simply doesn’t work on my TW installs (tried 4 different machines):

dellscsi80722:~ # sysctl -w kernel.random.write_wakeup_threshold=2024
kernel.random.write_wakeup_threshold = 2024
dellscsi80722:~ # sysctl kernel.random.write_wakeup_threshold
kernel.random.write_wakeup_threshold = 256

?!!?

Tried it on a Leap 15.4, there it works.