Sometimes servers just have the weirdest SSL problems ever. In some of these situations, the entropy has been drained. Entropy is the measure of the random numbers available from /dev/urandom, and if you run out, you can’t make SSL connections. To check the status of your server’s entropy, just run the following:
# cat /proc/sys/kernel/random/entropy_avail
If it returns anything less than 100-200, you have a problem. Try installing rng-tools, or generating I/O, like large find operations. Linux normally uses keyboard and mouse input to generate entropy on systems without random number generators, and this isn’t very handy for dedicated servers.
Thanks for the great post.
On CentOS:
yum install rng-utils
Chau!
[...] From: http://rackerhacker.com/2007/07/01/check-available-entropy-in-linux/ [...]
I had the same problem on headless VirtualBox servers, the guest OS is Ubuntu. the solution:
How to setup enrtopy
1.sudo apt-get -y install rng-tools
2.Then, edit the file /etc/default/rng-tools
nano /etc/default/rng-tools
and this to the bottom of the file
HRNGDEVICE=/dev/urandom
3.sudo /etc/init.d/rng-tools restart
Hope this help a bit
Heywouter: That works pretty well, but some folks claim that /dev/urandom doesn’t give adequately random data:
http://lwn.net/Articles/185393/
I’ve used haveged with good results.
Homepage: http://www.issihosts.com/haveged/
Description: A simple entropy daemon using the HAVEGE algorithm