What is entropy?

Hi, I came across this term when I was configuring my Stats options on my Raspberry Pi 4 the other day and I still don't really understand what it means. I did find some sites that talk about it, but what does it mean for my OpenWrt installation exactly? What is it measuring?

This is a screenshot of my installation for the past day.

Thanks

Entropy is how well the cryptographic random number generator in the kernel has been seeded. It should never decrease, but misunderstandings early on in kernel development made people think that generating random numbers would "use it up"... When it gets low, /dev/random will block, but /dev/urandom won't.


Getting "true randomness" from outside events can be hard on embedded devices like routers, as there are no external human factors like mouse and keyboard, which could generate new random bits.

In the early years, Linux kernel developers decided to remove network drivers as an entropy source, which made the situation difficult for routers.

See old discussion (from 2011-2014) in https://dev.archive.openwrt.org/ticket/9631

In 2013, OpenWrt added its own patch to ath9k to get entropy from that wifi driver, but some later drivers like mwlwifi have been a bit problematic.
https://dev.archive.openwrt.org/changeset/38486.html

And as there is no hardware clock, the router always starts from the same time, so the urandom contents at boot are semi-deterministic. OpenWrt has tackled that since 2016 by keeping a file /etc/urandom.seed that is written after each new boot cycle completes, so that in the next boot the random number generator gets seeded differently.

In general, the entropy pool seems to be large enough nowadays. Once we get to kernel 5.6, the whole discussion becomes obsolete, as /dev/random should not block any more. From that linked wiki article:

In October 2016, with the release of Linux kernel version 4.8, the kernel's /dev/urandom was switched over to a ChaCha20-based cryptographic pseudorandom number generator (CPRNG) implementation[16] by Theodore Ts'o, based on Bernstein's well-regarded stream cipher ChaCha20.

In 2020, the Linux kernel version 5.6 /dev/random only blocks when the CPRNG hasn't initialized. Once initialized, /dev/random and /dev/urandom behave the same.

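The points made in the replies above can be checked on a router with a short script. This is an added example, not part of the original thread or of OpenWrt: the function names and labels are made up for illustration, /proc/sys/kernel/random/entropy_avail is the kernel's standard entropy counter, and /etc/urandom.seed is the seed file mentioned in the reply above.

```shell
#!/bin/sh
# Added example: entropy diagnostics for an OpenWrt/Linux box.
# File paths are parameters so the functions also work on constructed files.

# kernel_ge RELEASE MAJOR MINOR -> exit status 0 if RELEASE >= MAJOR.MINOR
kernel_ge() {
    rel=${1%%[!0-9.]*}            # "5.4.188-foo" -> "5.4.188"
    major=${rel%%.*}
    rest=${rel#*.}
    minor=${rest%%.*}
    [ "$major" -gt "$2" ] || { [ "$major" -eq "$2" ] && [ "$minor" -ge "$3" ]; }
}

# random_model RELEASE -> label for the kernel versions quoted in the thread
random_model() {
    if kernel_ge "$1" 5 6; then
        echo "blocks-only-before-init"          # 5.6+: /dev/random blocks only until the CPRNG is initialized
    elif kernel_ge "$1" 4 8; then
        echo "blocks-when-low,chacha20-urandom" # 4.8+: /dev/urandom is ChaCha20-based
    else
        echo "blocks-when-low"
    fi
}

# seed_state FILE -> missing | empty | present
seed_state() {
    if [ ! -e "$1" ]; then echo missing
    elif [ ! -s "$1" ]; then echo empty
    else echo present
    fi
}

# entropy_report RELEASE ENTROPY_FILE SEED_FILE -> one-line summary
entropy_report() {
    avail=unknown
    [ -r "$2" ] && read -r avail < "$2" || :
    echo "kernel=$1 random=$(random_model "$1") entropy_avail=$avail seed=$(seed_state "$3")"
}

# Report for the running system; missing files show up as "unknown"/"missing".
entropy_report "$(uname -r)" /proc/sys/kernel/random/entropy_avail /etc/urandom.seed
```

A "missing" or "empty" seed on a device without a hardware clock means the next boot starts the generator from the semi-deterministic state described above.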
