|
1 | | -# epf |
2 | | -Entropy Pool Feeder |
| 1 | +# Entropy Pool Feeder (epf) for Linux |
| 2 | + |
| 3 | +The 'epf' is a utility used for feeding the Linux entropy pool with true random bytes which are securely downloaded from a remote service such as https://entropysector.com |
| 4 | + |
| 5 | +## Description |
| 6 | + |
| 7 | +In Linux, the entropy pool is used as a source of high quality randomness needed for a varioty of security operations. |
| 8 | +The entropy pool is accessed using /dev/random device. To avoid entropy pool starvation, it is important to maintain the pool with enough amount of randomness. The 'epf' utility will continously whatch the entropy pool and will feed it with highh quality randomness when the entropy level is below the threshold value. |
| 9 | + |
| 10 | +The true random byte stream is downloaded from a remote service using SSL and it is additionaly encrypted to ensure high security. |
| 11 | + |
| 12 | +## Getting Started |
| 13 | + |
| 14 | +To build and run 'epf' utility you will need a sudo access permissions to your Linux instance and an Internet connection. |
| 15 | + |
| 16 | +### Dependencies |
| 17 | + |
| 18 | +The following dependencies are required to successfully build the 'epf' utility: |
| 19 | + |
| 20 | +* C++ compiler |
| 21 | +* openssl development |
| 22 | + |
| 23 | +C++ compiler can be installed in Ubuntu with the following command: |
| 24 | +``` |
| 25 | +sudo apt-get install g++ |
| 26 | +``` |
| 27 | +C++ compiler can be installed in CentOS with the following command: |
| 28 | +``` |
| 29 | +sudo yum install gcc-c++ |
| 30 | +``` |
| 31 | +Openssl development dependency can be installed on CentOS with the following command: |
| 32 | +``` |
| 33 | +sudo yum install openssl-devel |
| 34 | +``` |
| 35 | +Openssl development dependency can be installed on Ubuntu with the following command: |
| 36 | +``` |
| 37 | +sudo apt-get install libssl-dev |
| 38 | +``` |
| 39 | +### Installing |
| 40 | + |
| 41 | +* Download the project: |
| 42 | +``` |
| 43 | +git clone git@bitbucket.org:tectrolabs/epf.git |
| 44 | +``` |
| 45 | +* Build the 'epf' utility: |
| 46 | +``` |
| 47 | +cd epf |
| 48 | +make |
| 49 | +``` |
| 50 | +* Install the necessary executables: |
| 51 | +``` |
| 52 | +sudo make install |
| 53 | +``` |
| 54 | +* Copy configuration and public key files to /etc/epf directory: |
| 55 | +``` |
| 56 | +sudo mkdir /etc/epf |
| 57 | +sudo cp epf.properties /etc/epf/ |
| 58 | +sudo cp epf-pubkey.pem /etc/epf |
| 59 | +``` |
| 60 | +* Create the log folder |
| 61 | +``` |
| 62 | +sudo mkdir /var/log/epf |
| 63 | +``` |
| 64 | +* Add a new crontab entry: |
| 65 | +``` |
| 66 | +sudo crontab -e |
| 67 | +``` |
| 68 | +Add the following line at the end: |
| 69 | +``` |
| 70 | +@reboot /usr/local/bin/run-epf.sh >> /var/log/epf/run-epf.log 2>&1 |
| 71 | +``` |
| 72 | +Save the changes |
| 73 | +* Reboot |
| 74 | + |
| 75 | +### Verify 'epf' is working |
| 76 | + |
| 77 | +* Check for any errors in /var/log/epf/run-epf.log |
| 78 | +* Verify the /etc/random pool is getting populated by running the following command (it should not block): |
| 79 | +``` |
| 80 | +dd if=/dev/random of=/dev/null bs=4800 count=10 iflag=fullblock |
| 81 | +``` |
| 82 | + |
| 83 | +``` |
| 84 | +code blocks for commands |
| 85 | +``` |
| 86 | + |
| 87 | +## Authors |
| 88 | + |
| 89 | +Andrian Belinski |
| 90 | + |
| 91 | +## License |
| 92 | + |
| 93 | +This project is licensed under the [Andrian Belinski] License - see the LICENSE file for details |
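Review bot: The verification bullet at new line 78 calls the pool `/etc/random`, but the `dd` command right under it and the Description both use `/dev/random`; change the bullet to `/dev/random`. New lines 83-85 still hold the template placeholder block `code blocks for commands`, and the License line at 93 still has the bracketed placeholder `[Andrian Belinski] License`; drop the first and name the actual license in the second. The install steps copy `epf-pubkey.pem` into /etc/epf and line 10 says the stream is "additionaly encrypted", but the README never says what the key is used for or how a reader can confirm they have the right one; a sentence on that belongs in the Description, since this file decides what is trusted to feed the entropy pool. The clone command at line 43 uses the SSH form `git@bitbucket.org:tectrolabs/epf.git`, which fails for anyone without an SSH key registered at Bitbucket, so an HTTPS clone option should be listed as well. Spelling in lines 7-10 needs a pass: "varioty", "continously whatch", "highh", "additionaly".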