According to Wikipedia, entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data.
Entropy is often overlooked, misconfigured or forgotten and it can originate in sporadic errors whether it can be timeouts, refused connections, etc. Such errors are difficult to debug as the errors happen only when there is not enough entropy available.
This article tries to explain briefly how to check if this can be a problem in a RHEL system and how to fix it.
NOTE: This article is meant to provide some helpful hints about entropy. It is not meant to be exhaustive or definitive. There are hundreds of information sources on the Internet such as KCS articles; https://access.redhat.com/articles/221583 and https://access.redhat.com/solutions/19866 where this article is based. Check the bibliography section for more information.
Continue reading “Entropy in RHEL based cloud instances”
This blog is to resolve the following issues/answering the following questions.
- How to enable a repository using the Red Hat Subscription Manager/yum?
- Need to access a repository using the Red Hat Subscription Manager/yum?
- How to disable a repository using the Red Hat Subscription Manager/yum?
- How to subscribe a child channel using the Red Hat Subscription Manager/yum?
Continue reading “How to enable/disable repository using Subscription Manager or Yum-Utils”
This blog describes how a script can be used to automate Open vSwitch PVP testing. The goal for this PVP script was to have a quick (and dirty) way to verify the performance (change) of an Open vSwitch (DPDK) setup. This script either works with a Xena Networks traffic generator or the T-Rex Realistic Traffic Generator. For details on what the PVP test does, please refer to the following blog post, Measuring and comparing Open vSwitch performance.
Continue reading “Automated Open vSwitch PVP testing”
It has long been recognized that unconstrained growth of memory usage constitutes a potential denial of service vulnerability. Qualys has shown that such unconstrained growth can be combined with other vulnerabilities and exploited in ways that are more serious.
Continue reading “Stack Clash Mitigation in GCC — Background”
This blog aims for Administrators who need to handle large numbers of VLANs in virtualization/namespaces with a bridge. With the VLAN filter, people don’t need to create dozens of VLANs and bridges anymore. With only ONE bridge, you can control all VLANs. See more details in this blog.
Continue reading “VLAN filter support on bridge”
Introduction to NuGet with .NET Core
NuGet is an open source package manager for the .NET Core ecosystem. For those familiar with Red Hat Enterprise Linux (RHEL), you can think of it as the “yum” for pulling libraries into your .NET Core project. Working with NuGet packages in .NET Core applications is accomplished primarily through your project’s
.csproj file and the dotnet command-line interface.
Continue reading “Introduction to NuGet with .NET Core on RHEL”
A few months ago, on this blog, we talked about MACsec. In this post, I want to introduce the work we’ve done since then. Since that work revolves around methods to configure MACsec, this will also act as a guide to configure it by two methods: wpa_supplicant alone, or NetworkManager with wpa_supplicant.
If you read the previous MACsec post, you probably thought that this whole business of generating keys and creating “secure associations” isn’t very convenient, especially given that you then have to monitor your associations and generate new keys manually. And you’re right: it’s not.
Besides, if you run RHEL or Fedora, you’re probably used to configuring your network with NetworkManager, so you would expect to be able to configure MACsec with NetworkManager as well. We’re going to describe this below. First, let’s go a little bit behind the scenes.
Continue reading “What’s new in MACsec: setting up MACsec using wpa_supplicant and (optionally) NetworkManager”