tokuhirom's blog

/dev/random のエントロピーが足りないときは Haveged を使う

/dev/random を利用した乱数生成器を利用する場合、VPS などの場合にはエントロピーが足りなくて stuck する場合があります。

たとえば以下のような感じ。

"localhost-startStop-1" #10 daemon prio=5 os_prio=0 tid=0x00007f63e8001800 nid=0x2697 runnable [0x00007f640251f000]
   java.lang.Thread.State: RUNNABLE
    at java.io.FileInputStream.readBytes(Native Method)
    at java.io.FileInputStream.read(FileInputStream.java:255)
    at sun.security.provider.SeedGenerator$URLSeedGenerator.getSeedBytes(SeedGenerator.java:539)
    at sun.security.provider.SeedGenerator.generateSeed(SeedGenerator.java:144)
    at sun.security.provider.SecureRandom$SeederHolder.<clinit>(SecureRandom.java:203)
    at sun.security.provider.SecureRandom.engineNextBytes(SecureRandom.java:221)
    - locked <0x00000000f8368610> (a sun.security.provider.SecureRandom)
    at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
    - locked <0x00000000f8369080> (a java.security.SecureRandom)
    at java.security.SecureRandom.next(SecureRandom.java:491)
    at java.util.Random.nextInt(Random.java:329)
    at org.apache.catalina.util.SessionIdGenerator.createSecureRandom(SessionIdGenerator.java:246)
    at org.apache.catalina.util.SessionIdGenerator.getRandomBytes(SessionIdGenerator.java:183)
    at org.apache.catalina.util.SessionIdGenerator.generateSessionId(SessionIdGenerator.java:153)
    at org.apache.catalina.session.ManagerBase.startInternal(ManagerBase.java:573)
    at org.apache.catalina.session.StandardManager.startInternal(StandardManager.java:485)
    - locked <0x00000000f82d88f0> (a org.apache.catalina.session.StandardManager)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    - locked <0x00000000f82d88f0> (a org.apache.catalina.session.StandardManager)
    at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5501)
    - locked <0x00000000fadf5850> (a org.apache.catalina.core.StandardContext)
    at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
    - locked <0x00000000fadf5850> (a org.apache.catalina.core.StandardContext)
    at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1575)
    at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1565)
    at java.util.concurrent.FutureTask.run(FutureTask.java:266)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

http://stackoverflow.com/questions/26227344/oracle-java-8-x64-for-linux-and-randomsource

このような場合、haveged を使うのが簡単です。 https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged

apt-get install haveged
update-rc.d haveged defaults

とかでOK。簡単。

Created: 2017-01-06 08:56:41 +0000
Updated: 2017-01-06 08:56:41 +0000