4

I have access to genuine random numbers - random.org, for example.

I have a number of processes using /dev/random and my value for /proc/sys/kernel/random/entropy_avail is 143, which is pretty low.

I'd like to have a process that monitors /proc/sys/kernel/random/entropy_avail and, when it drops below about 3000, tops it up.

How can I incorporate the random numbers from random.org into /dev/random so that entropy_avail increases?

Soufiane Tahiri
Peter Brooks

2 Answers

4

Do not use an online source of entropy!

If your system currently has insufficient entropy, then it will not be able to make a secure connection to random.org and any material you download from it will not be secret. Furthermore, you should not be using the blocking device anyway. It's perfectly fine to use /dev/urandom, no matter how low the entropy estimate is. If for whatever reason you are using a program that is foolishly using the blocking device, you can keep it topped off by installing haveged, a daemon that attempts to generate random data from memory latency. Please see https://www.2uo.de/myths-about-urandom for more.

If you still want to shoot yourself in the foot, then you can use an IOCTL on the random character device to adjust the entropy estimate. From random(4), the RNDADDENTROPY IOCTL is what you want:

RNDADDENTROPY
       Add some additional entropy to the input pool, incrementing
       the entropy count.  This differs from writing to /dev/random
       or /dev/urandom, which only adds some data but does not incre‐
       ment the entropy count.  The following structure is used:

           struct rand_pool_info {
               int    entropy_count;
               int    buf_size;
               __u32  buf[0];
           };

       Here entropy_count is the value added to (or subtracted from)
       the entropy count, and buf is the buffer of size buf_size
       which gets added to the entropy pool.

This IOCTL requires the CAP_SYS_ADMIN capability to function.


Very related:

Glorfindel
forest
  • 1
    Adding an online entropy source probably doesn't really warrant such a strongly worded warning. AFAIU it doesn't really hurt to add entropy from an online source of entropy, at worst it'll just give you a fuzzy feeling because your entropy_avail value appears higher, but it shouldn't cause the output of your /dev/(u)random to be any less unpredictable. So while it may be useless if the attacker controls one of your entropy sources, it wouldn't really be harmful? – Lie Ryan Feb 27 '19 at 11:06
  • @LieRyan You're correct, but only because of how a quirk of the Linux kernel random driver works. Generally, getting random data from an online source is a terrible idea. It's for the same reason that I would warn strongly against homebrew crypto even if OP is planning on cascading it with AES. – forest Feb 27 '19 at 11:07
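The RNDADDENTROPY call quoted from random(4) above, as an added example that is not part of the original answer or of any project named on this page. It credits bytes read from a local source rather than an online one; the function names `make_pool_info` and `credit_from_source`, the 512-byte limit, the clamping of the credit, and the `/dev/hwrng` path are assumptions made for illustration.

```c
#include <fcntl.h>
#include <linux/random.h>   /* struct rand_pool_info, RNDADDENTROPY */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Build the ioctl argument: entropy_count is in BITS, buf_size in BYTES.
 * credit_bits is clamped so we never claim more than the data can hold. */
struct rand_pool_info *make_pool_info(const void *data, int len, int credit_bits)
{
    if (len <= 0 || len % 4 != 0) return NULL;      /* buf is an array of __u32 */
    struct rand_pool_info *p = malloc(sizeof *p + (size_t)len);
    if (!p) return NULL;
    if (credit_bits < 0) credit_bits = 0;
    if (credit_bits > len * 8) credit_bits = len * 8;
    p->entropy_count = credit_bits;
    p->buf_size = len;
    memcpy(p->buf, data, (size_t)len);
    return p;
}

/* Read len bytes from a local source and credit them to the kernel pool.
 * Returns 0 on success, -1 on any failure (e.g. EPERM without CAP_SYS_ADMIN). */
int credit_from_source(const char *src_path, int len, int credit_bits)
{
    unsigned char raw[512];
    if (len <= 0 || len > (int)sizeof raw) return -1;
    int rc = -1;
    int src = open(src_path, O_RDONLY), rnd = open("/dev/random", O_WRONLY);
    if (src >= 0 && rnd >= 0 && read(src, raw, (size_t)len) == len) {
        struct rand_pool_info *p = make_pool_info(raw, len, credit_bits);
        if (p) { rc = ioctl(rnd, RNDADDENTROPY, p) == 0 ? 0 : -1; free(p); }
    }
    if (src >= 0) close(src);
    if (rnd >= 0) close(rnd);
    return rc;
}

int main(void)
{
    /* /dev/hwrng is an assumed source; it exists only with a hardware RNG driver. */
    if (credit_from_source("/dev/hwrng", 64, 64 * 8) != 0) {
        fprintf(stderr, "could not credit entropy (need CAP_SYS_ADMIN and a readable source)\n");
        return 1;
    }
    return 0;
}
```

The kernel trusts whatever `entropy_count` the caller supplies, so the credit should reflect how much the caller actually trusts the source.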
1

Given that the only existing answer to this question explains things that aren't viable, here are a couple of options which might be viable:

  1. haveged - https://github.com/jirka-h/haveged, which uses the HAVEGE algorithm described at https://www.irisa.fr/caps/projects/hipsor/; available on Debian/Ubuntu in the package of the same name.
  2. rng-tools - uses built-in hardware entropy sources and (optionally) the Intel/AMD RDRAND instruction; available in Debian/Ubuntu in the packages rng-tools-debian and rng-tools5.

This is not an endorsement of the options listed above, just a note that there may be usable options. Evaluating their security or randomness quality is an exercise left to the reader. :-)

Note also that in Linux kernel 5.x, changes to the entropy generation in the kernel mean that an algorithm similar to HAVEGE is built in, and /dev/random is no longer blocking. (See the links in the haveged README for details.)

Paul Gear
    Actually HAVEGE is not built in, it's a similar algorithm called Jitterentropy (although that's not what's responsible for it being non-blocking). But yeah, haveged works. It uses `RNDADDENTROPY` to increase the entropy count. – forest Dec 14 '22 at 07:33
  • Updated answer to reflect that a bit better. – Paul Gear Dec 15 '22 at 11:18