Image of the glider from the Game of Life by John Conway
Skip to content

Haveged Continued

I noticed that on my machine, my entropy was staying high, then falling off. Then, at what appeared to be some arbitrary point, it would fill back up, in a very periodic manner. This is, of course, after running haveged in the background. Curious, I started looking into it. It took a while to find. Then noticed it. It was obvious. The "write_wakeup_threshold" is what is telling the daemon to fill the entropy pool with more data.

$ cat /proc/sys/kernel/random/write_wakeup_threshold

This is default, after installing haveged. But, the poolsize is 4096. It sure would be nice if the write_wakeup_threshold was 4096, rather than 1024. Well, you have two options to set it: you can use sysctl, or you can use haveged. Let's look at both (I prefer the latter). With sysctl, you just need to edit the /etc/sysctl.conf file, and add the following lines:

## Keep the entropy at full up
kernel.random.write_wakeup_threshold = 4096

Then run:

# sysctl -p
kernel.random.write_wakeup_threshold = 4096

Or, haveged ships with a configuration file to set this automatically when the daemon starts, and this should probably be the preferred way for setting it. Change the /etc/default/haveged file to use 4096 instead of 1024:

# Configuration file for haveged

# Options to pass to haveged:
#   -w sets low entropy watermark (in bits)
DAEMON_ARGS="-w 4096"

Then restart haveged:

# /etc/init.d/haveged restart
 * Restarting entropy daemon haveged

Now, check your Munin graphs (or whatever), and notice that your entropy never deviates from full up. Rawk.

{ 6 } Comments