Use /dev/random for Random Number Data Generation
Required User Role: Root user
If your organization requires Tenable Security Center Director to use /dev/random instead of /dev/urandom to generate random number data for secure communication functions, modify the random data source using an environment variable.
Unlike /dev/urandom, /dev/random blocks HTTPS and SSL/TLS functions if there is not enough entropy to perform the functions. The functions resume after the system generates enough entropy.
Note: If /dev/random blocks during an installation or upgrade, the system waits up to 10 minutes for more entropy to be generated before halting the operation.
Tenable does not recommend using /dev/random unless required by your organization.
To use /dev/random for random number data generation in Tenable Security Center Director:
-
Log in to Tenable Security Center Director via the command line interface (CLI).
-
In the CLI in Tenable Security Center Director, run the following command:
export TSC_ENTROPY_CHECK=true
Tenable Security Center Director recognizes the environment variable and uses /dev/random.
What to do next:
-
Install or upgrade Tenable Security Center Director in order for your changes to take effect, as described in Install Tenable Security Center Director or Upgrade Tenable Security Center Director.