Andy Regan Ramblings of an Irish Sysadmin

27Jul/100

Lack of Entropy on Virtual Machine

If you are generating GPG keys on a virtual machine, you may encounter the following error.

Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy!

Operating systems generate randomness based on hardware input. This randomness is collected for use in applications which require random data (such as cryptographic applications). However, a virtual OS does not have the same level of access to real hardware. As a result, the usual source of randomness expected by the operating system is not available. The measure of randomness currently available (entropy) can be viewed by running $ cat /proc/sys/kernel/random/entropy_avail .

If the entropy pool drains, /dev/random will block until additional entropy is collected. One solution is to use /dev/urandom as a source. This will not block, but will produce lower quality randomness. You can use /dev/urandom by installing rng-tools and adding the following to /etc/default/rng-tools. Save and then restart rng-tools.

HRNGDEVICE=/dev/urandom

Unfortunately, using /dev/urandom is not suitable for my security requirements. A better solution would be to use a hardware entropy generator as described in Andy Smith's excellent post .

As a short-term work-around, I decided to generate keys on a physical host with a good quality source of randomness and then import them on the remote host.

Filed under: Linux No Comments
25Feb/100

Quickly Reset Linux File and Directory Permissions

Just a quick post so I can keep these commands handy (since I keep forgetting them). These will allow you to quickly set different permissions for all files (or all folders) within a specific directory in Linux.

Reset File Permissions

$find /path/to/directory/ -type f -exec chmod 644 {} \;

Reset Directory Permissions

$find /path/to/directory/ -type d -exec chmod 755 {} \;

Reset Permissions on 777 PHP Files Only

$find /path/to/directory/ -name \*.php -perm 777 -type f -exec chmod 644 {} \;

Tagged as: , , , No Comments
28Feb/090

Recovering Files From an Unmountable USB Key

The other night, myself and Rory managed to recover his friend's thesis from a wonky USB thumb drive. We used PhotoRec on Ubuntu Linux. PhotoRec comes with the TestDisk utility. You can install TestDisk via:


$apt-get update
$apt-get install testdisk

The first thing we did was run dmesg in a terminal to get a bit of info on what was going on. We ran dmesg before and after we plugged in the drive and noted the relevant output. The device eventually settled and was given the device location sdb by the kernel, but no filesystem was found.
The partition was likely corrupted somehow.

TestDisk could be used to try to repair the partition on the disk, but it could also damage the data further. We decided to make an image to work with using dd:


$sudo dd if=/dev/sdb ou=./disk_image

Use dd with care! Consult the man page for more info.

This copied the contents of the usb key block-by-block to a file called "disk_image". The was a 2G image (the total capacity) of the wonky drive.

We then used photorec to try to recover any files from the image.


$photorec ./disk_image

Et voila! PhotoRec worked its magic and we recovered the thesis, along with all the other files.

Tagged as: , , , , , , , , , No Comments
   Older Entries »

Recent Posts