Linux – Explain in Plain English about Entropy Available

Tags: entropy-pool, linux, Ubuntu

If I run this command in Ubuntu

sudo cat /proc/sys/kernel/random/entropy_avail

it returns a number that indicates how much "entropy" is available to the kernel, but that's about all I know. What unit is this entropy measured in? What is it used for? I've been told it's "bad" if that number is "low". How low is "low" and what "bad" things will happen if it is? What's a good range for it to be at? How is it determined?

Best Answer

Your system gathers some "real" random numbers by keeping an eye on different events: network activity, a hardware random number generator (if available; for example, VIA processors usually have a "real" random number generator), and so on. It feeds those into the kernel entropy pool, which is used by /dev/random. Applications which need some extreme security tend to use /dev/random as their entropy source, or in other words, their randomness source.

If /dev/random runs out of available entropy, it's unable to serve out more randomness, and the application waiting for the randomness stalls until more random stuff is available. The example I've seen during my career is that the Cyrus IMAP daemon wanted to use /dev/random for its randomness, and its POP sessions wanted to generate the random strings for APOP connections from /dev/random. In a busy environment there were more login attempts than traffic feeding /dev/random -> everything stalled. In that case I installed rng-tools and activated the rngd it had -- that shoveled semi-random numbers from /dev/urandom to /dev/random in case /dev/random ran out of "real" entropy.
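As an added example (not part of the question or the answer above), here is a small Python script that reads the two /proc values the kernel exposes, entropy_avail and poolsize, and turns them into the kind of "is this low?" check the asker wants. The kernel counts entropy_avail in bits, and the ceiling is whatever poolsize reports, so the script reads poolsize rather than hard-coding 4096. The 25% "low" threshold is an assumption chosen for illustration, not a kernel-defined limit; what actually matters for the stall described in the answer is a reader blocking on /dev/random, and on kernels from 5.6 onward /dev/random no longer blocks once the pool has been seeded, so the script also probes seeding with getrandom(2) and GRND_NONBLOCK, which fails with EAGAIN only while the pool is still uninitialized. The helper names (parse_proc_value, classify, report, pool_is_initialized) are this example's own.

```python
"""Read and interpret the kernel's entropy accounting (added example, not from the page)."""
import os
from pathlib import Path

ENTROPY_AVAIL = Path("/proc/sys/kernel/random/entropy_avail")
POOLSIZE = Path("/proc/sys/kernel/random/poolsize")

# Assumption for illustration only: treat under a quarter of the pool as "low".
LOW_FRACTION = 0.25
FULL_FRACTION = 0.75


def parse_proc_value(text: str) -> int:
    """Both /proc files hold one decimal integer followed by a newline."""
    return int(text.strip())


def classify(avail_bits: int, pool_bits: int) -> str:
    """Map the available/pool ratio onto a coarse status label."""
    if pool_bits <= 0:
        raise ValueError("poolsize must be positive")
    if not 0 <= avail_bits <= pool_bits:
        raise ValueError("entropy_avail must lie within [0, poolsize]")
    fraction = avail_bits / pool_bits
    if fraction < LOW_FRACTION:
        return "low"
    if fraction < FULL_FRACTION:
        return "ok"
    return "full"


def report(avail_text: str, pool_text: str) -> dict:
    """Build a summary from the raw file contents so it can be tested offline."""
    avail = parse_proc_value(avail_text)
    pool = parse_proc_value(pool_text)
    return {
        "entropy_avail_bits": avail,
        "poolsize_bits": pool,
        "fraction": round(avail / pool, 3),
        "status": classify(avail, pool),
    }


def pool_is_initialized() -> bool:
    """Non-blocking probe of the kernel CSPRNG: getrandom(1, GRND_NONBLOCK)
    raises BlockingIOError (EAGAIN) only while the pool is not yet seeded.
    On platforms without os.getrandom (non-Linux) there is nothing to check."""
    if not hasattr(os, "getrandom"):
        return True  # assumption: treat unsupported platforms as not applicable
    try:
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False


if __name__ == "__main__":
    # Constructed sample: a 4096-bit pool with only 128 bits counted as available.
    print("sample:", report("128\n", "4096\n"))
    if ENTROPY_AVAIL.exists() and POOLSIZE.exists():
        print("live:  ", report(ENTROPY_AVAIL.read_text(), POOLSIZE.read_text()))
        print("pool seeded:", pool_is_initialized())
```

Run it as root or not; both /proc files are world-readable, so the sudo in the question is unnecessary. The live reading will fluctuate from run to run because the kernel credits bits as events arrive and debits them as readers consume them, which is why the script reports a fraction of poolsize rather than a bare number.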