Friday, April 24, 2015

/dev/random story reloaded

If a t3s protocol is used -> SSL requires Random Numbers -> it's important to check that famous /dev/random story.
first check if the JVM is using /dev/random or /dev/urandom
doing lsof -p PID | grep random can show you which Randomness source the JVM is using
To check the performance of /dev/random on your specific machine, check how fast this command returns:
head -n 1 /dev/random
check that you have:

it should be configured in : /opt/java/jdk160_85-64b/jre/lib/security/
see also

No comments: