# not enough entropy - using clrngd, timer, audio-entropyd

## o5gmmob8

Hi all,

I am using clrngd, timer_entropyd, and audio-entropyd to generate entropy for my router which has hostapd to serve wireless.  Even with the 2 services generating / harvesting entropy, my entropy is very low (ie. < 200).  I'm not doing anything excessive on wireless that would drain the entropy that quickly, so I would think that with both of those services running, I should have more than sufficient entropy.

When I was using haveged on my Arch box, I had sufficient entropy (>= 3000).  Haveged depends on a version of openrc I am not running, what other options do I have or are my services perhaps mis-configured?

Thanks,

Walter

----------

## swanson

I'd check your routers /proc/sys/kernel/random/write_wakeup_threshold value as it defines the number of bits of entropy below which the kernel will wake up processes that do a select() or poll() for write access to /dev/random, i.e. add to entropy. Normally, write_wakeup_threshold is 128 so I'd set it in /etc/sysctl.conf to a higher value such as;

kernel.random.write_wakeup_threshold setting = 3072

I'm not a fan of timer based entropy generators as they use up CPU and are not really that random while audio_entropyd needs noise but which in a quiet room... I'm fortunate enough to have an Entropy Key serving real random entropy to my computers otherwise I'd use video-entropyd with an old analog TV card not tuned to any channel for that old black and white static as it were.

----------

## Logicien

Hi,

I had the same problem with Hostapd who was saying it lack of entropy at boot. I tried clrngd daemon, Hostapd stop to complain, but clrngd make the CPU load and temperature become very high. So I change to audio-entropyd who do the job with little CPU use.

Note that I put audio-entropyd in the boot level and hostapd in the default level to be sure that audio-entropyd start before hostapd.

I note your kernel configuration setup swanson. It look to be an interesting alternative to entropy daemons. This Linux kernel is doing a lot of things.

 :Very Happy: 

----------

## o5gmmob8

Hi guys,

Thanks for the feedback.  I noticed the same thing with clrng that it only seems to make the CPU skyrocket when it generates entropy every 4 minutes.  That is a good point about the wakeup_threshold.  I'll give that a try as well.

The odd thing is that with all those entropy daemons running, I still don't have that much entropy.  I do indeed have audio-entropyd running, but my it only appears to run on the device detected as the microphone and I don't have a mic plugged in.  I'll have to do more reading about audio-entropyd, hopefully that will provide sufficient entropy.

Walter

----------

## toralf

AFAIK there's a rng-tools package - could you use that too ?

----------

## o5gmmob8

Hi toralf,

Thanks for the information, but actually this I believe is specifically for hardware random number generators which I do NOT have unless they're already built-into my motherboard.  This package also provides tools for testing quality of entropy, so I do have it installed for that purpose.

Walter

----------

## toralf

beside that here's a nice discussion about /dev/[u]random : https://plus.google.com/117091380454742934025/posts/SDcoemc9V3J , especially T'so comments are worth to be read. And I took a  look onto clrnd´gd - but its from 2002 (isn't it ?) and uses too much CPU resources for just an entropy daemon - nothing for me.

----------

