Use /dev/random for Random Number Data Generation

Required User Role: Root user

If your organization requires Tenable.sc to use /dev/random instead of /dev/urandom to generate random number data for secure communication functions, modify the random data source using an environment variable.

Unlike /dev/urandom, /dev/random blocks HTTPS and SSL/TLS functions if there is not enough entropy to perform the functions. The functions resume after the system generates enough entropy.

Note: If /dev/random blocks during an installation or upgrade, the system waits up to 10 minutes for more entropy to be generated before halting the operation.

Tenable does not recommend using /dev/random unless required by your organization.

To use /dev/random for random number data generation in Tenable.sc:

  1. Log in to Tenable.sc via the command line interface (CLI).

  2. In the CLI in Tenable.sc, run the following command:

    export TSC_ENTROPY_CHECK=true

    Tenable.sc recognizes the environment variable and uses /dev/random.

What to do next: