You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@fineract.apache.org by Eric Owhadi <er...@esgyn.com> on 2019/06/18 16:58:52 UTC
Tricky issue to run demo-server on cloud hosted VMs - entropy / poor
quality random number generation
Hi Fineracteers,
Sharing a tricky issue getting fineract-cn demo-server to run on a VM hosted on our openStack based private cloud:
The random numbers generated were not of good quality due to low Entropy.
https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged
After I installed Haveged, the entropy numbers went above 1600, while it was around 500 without. The link suggest >1000 to be acceptable entropy number. With this, I am able to run demo server, with persist = true but only in lite mode.
Given it was tricky and time consuming to find this, I thought I'd share,
Regards,
Eric
Re: Tricky issue to run demo-server on cloud hosted VMs - entropy /
poor quality random number generation
Posted by Michael Vorburger <mi...@vorburger.ch>.
-Djava.security.egd=file:/dev/./urandom
is a related gotcha - Google it...
On Tue, 18 Jun 2019, 22:40 Victor Manuel Romero Rodriguez, <
vic_romero@hotmail.com> wrote:
> Hi,
>
> Nice trick, for production grade the "trick" should be at OS Host or
> Hypervisor level. Even some financial regulations request to have a
> dedicated hardware device to generate the randomness.
>
> https://wiki.openstack.org/wiki/VirtEntropyProvision
>
> Regards
>
> Victor
> El 18/06/19 a las 11:58, Eric Owhadi escribió:
>
> Hi Fineracteers,
>
> Sharing a tricky issue getting fineract-cn demo-server to run on a VM
> hosted on our openStack based private cloud:
>
> The random numbers generated were not of good quality due to low Entropy.
>
>
> https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged
>
>
>
> After I installed Haveged, the entropy numbers went above 1600, while it
> was around 500 without. The link suggest >1000 to be acceptable entropy
> number. With this, I am able to run demo server, with persist = true but
> only in lite mode.
>
> Given it was tricky and time consuming to find this, I thought I’d share,
>
> Regards,
>
> Eric
>
>
>
>
Re: Tricky issue to run demo-server on cloud hosted VMs - entropy /
poor quality random number generation
Posted by Victor Manuel Romero Rodriguez <vi...@hotmail.com>.
Hi,
Nice trick, for production grade the "trick" should be at OS Host or Hypervisor level. Even some financial regulations request to have a dedicated hardware device to generate the randomness.
https://wiki.openstack.org/wiki/VirtEntropyProvision
Regards
Victor
El 18/06/19 a las 11:58, Eric Owhadi escribió:
Hi Fineracteers,
Sharing a tricky issue getting fineract-cn demo-server to run on a VM hosted on our openStack based private cloud:
The random numbers generated were not of good quality due to low Entropy.
https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged
After I installed Haveged, the entropy numbers went above 1600, while it was around 500 without. The link suggest >1000 to be acceptable entropy number. With this, I am able to run demo server, with persist = true but only in lite mode.
Given it was tricky and time consuming to find this, I thought I’d share,
Regards,
Eric