Setting up additional entropy for your Ubuntu VPS with haveged
We've recently ran into an issue with one of our staging servers where a scheduled cron job would occassionally hang for a few minutes before executing. The issue turned out to be due to a low entopy (i.e. randomness) value in /proc/sys/kernel/random/entropy_avail
.
Randomness in Linux is generated from hardware interrupts such as the keyboard, mouse, and disk/network IO. This goes into a pool which then gets consumed by applications that require randomness for security, such as when making SSH/SFTP connections.
Since VM servers are typically headless, the sources of entropy is limited. In our case, this particular staging server also has very little activity most of the time so the entropy available was quite low, causing our script to stall as it waits for more entropy to become available before it can execute.
We've seen the same behavior also occur on our Jenkins server during deployment. We use Ansible to deploy code to our servers which uses SSH. There were times when the Jenkins job will hang for a few seconds to a few minutes right at the very beginning due to insufficient entropy which are needed for the SSH connections.
A quick fix for this is to install the haveged package to generate additional entropy.
To check whether you might need to install this package, run the following command:
cat /proc/sys/kernel/random/entropy_avail
If the value is less than 1000, then you should probably install this package.
To install haveged
on Ubuntu 18.04, simply run this command:
sudo apt install haveged
That's it. No configuration changes needed, it will run the daemon and will also start automatically when the server is rebooted. You'll notice the entropy_avail
value will already be much higher after installing it.
Resources
Tags: howto, linux, tech, software development