Re: [bitfolk] rngd using high cpu

Author: Hugh Frostick
Date:  
To: users
Subject: Re: [bitfolk] rngd using high cpu
> Hello,
>
> On Tue, Sep 01, 2020 at 04:47:41PM +0100, Hugh Frostick wrote:
> > I have a VPS on Centos 7.8 with Virtualmin which is ok.
> >
> > I have a new VPS on Centos 8.2 with Virtualmin (and different purpose set up
> > - principally has Dovecot) which has this process using 60-95% cpu:
> > /sbin/rngd -f --fill-watermark=0
> >
> > Just rebooted and it simply carried on again.
>
> I've no idea what is wrong with your rngd, but BitFolk has some
> hardware entropy devices which you can use so you don't need to fake
> it with rngd.
>
>     https://tools.bitfolk.com/wiki/Entropy#BitFolk.27s_entropy_service
>
> (The rest of this article needs rewriting in light of subsequent
> changes to Linux's random subsystem, but the instructions for the
> entropy service are accurate for Debian/Ubuntu.)
>
> Is ekeyd-egd-linux available for CentOS?
>
> May I ask why you are using rngd? AFAIK on modern Linux everything
> should be pointed at /dev/urandom which will never block except
> possibly at early boot time. People have been using things like rngd
> and haveged to get past the early stall. Is that why you have been
> using it or is there some other reason?
>
> Having said that, I did some experiments last year with a Debian
> buster VM and unless I disable the RDRAND CPU instruction it gets
> entropy pretty quickly (1.14 seconds vs 48.88s):
>
>     http://strugglers.net/~andy/blog/2019/07/11/experiments-with-rdrand-and-entropykey/
>
> So is the boot stage even an issue?
>
> I think that you should only see boot time entropy starvation on a
> BitFolk VM if you purposefully disable RDRAND¹.
>
> Cheers,
> Andy
>
> ¹ e.g. because you believe it is a black box made by Intel at the
> behest of the NSA


Hi Andy
I did not start the service myself.
I don’t know what it is used by or its purpose.
I killed it an hour ago but am too novice to know what to do next...
Will need to do more googling when less busy I guess.
cheers
Hugh
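
Added example, not part of either message: a shell script for checking on your own VM the two things discussed above, whether the CPU advertises RDRAND and how long after boot the kernel's random pool was ready. It assumes the time of interest is the kernel log line `random: crng init done`; the function names and sample lines are constructed, with the two timestamps reusing the figures quoted in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Works on saved copies of
# /proc/cpuinfo and `dmesg` output so it can be checked offline.

# has_rdrand FILE: succeed if a "flags" line in a /proc/cpuinfo-format
# file lists the rdrand CPU feature as a whole word.
has_rdrand() {
    awk -F: '$1 ~ /^flags/ {
                 n = split($2, f, " ")
                 for (i = 1; i <= n; i++) if (f[i] == "rdrand") found = 1
             }
             END { exit found ? 0 : 1 }' "$1"
}

# crng_init_seconds FILE: print the timestamp (seconds since boot) of the
# first "random: crng init done" line in dmesg-format text (assumed marker).
crng_init_seconds() {
    sed -n 's/^\[ *\([0-9][0-9]*\.[0-9]*\)] random: crng init done.*/\1/p' "$1" |
        head -n 1
}

# report CPUINFO KLOG: one-line summary of both checks.
report() {
    if has_rdrand "$1"; then rd=yes; else rd=no; fi
    t=$(crng_init_seconds "$2")
    echo "rdrand=$rd crng_init=${t:-not-logged}"
}

# Constructed sample input; timestamps reuse the figures quoted above.
demo() {
    d=$(mktemp -d) || return 1
    printf 'processor\t: 0\nflags\t\t: fpu sse2 rdrand hypervisor\n' > "$d/cpu_rdrand"
    printf 'processor\t: 0\nflags\t\t: fpu sse2 hypervisor\n' > "$d/cpu_plain"
    printf '[    0.000000] boot (constructed)\n[    1.140000] random: crng init done\n' > "$d/log_fast"
    printf '[   48.880000] random: crng init done\n' > "$d/log_slow"
    report "$d/cpu_rdrand" "$d/log_fast"
    report "$d/cpu_plain" "$d/log_slow"
    rm -rf "$d"
}
demo
# Live use: dmesg > /tmp/kmsg && report /proc/cpuinfo /tmp/kmsg
```

Reading the kernel log with `dmesg` may need root on systems that restrict it.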