Changes

From SME Server
Jump to navigationJump to search
m
WIP
Line 49: Line 49:  
Generate a password and write it to a file:
 
Generate a password and write it to a file:
 
  randpw 70 > mystrongpassword.txt
 
  randpw 70 > mystrongpassword.txt
 +
 +
 +
== Optimization ==
 +
The password is being generated based on a random selection of characters and numbers. The randomness in it's turn is based on several factors and a strong randomness is important to limit the predictability of a password, and thus ''strongness'' of a password. Simply put, the strongness of randomness can be compared to a sheet of white paper with dots. The more dots, the more lines and combination of dots one can create.
 +
 +
 +
"Dots" (entropy) are being collected by user activity like keyboard, mouse and other interaction and constantly updated in a /dev/ device. Since SME Server has little of such interaction, the "DOT level" may become low, and we don't want that for it will limit the number of combinations the randomizer can make between dots. As a reference, a normal level of dots averages between 2500 and 3500.
 +
 +
 +
The Haveged deamon will help to increase/maintain the level of dots, especially on a headless server where there is little user interaction with physical keyboards, mice etc. Please read [http://www.irisa.fr/caps/projects/hipsor/ '''here'''] for more information about the Haveged daemon and technical inner working.
 +
 +
 +
It is recommended to install the Haveged to ensure there are enough dots available to generate a strong password.
 +
 +
 +
Haveged is available from the [[http://wiki.contribs.org/Epel epel]] repository. To install it you have to enable the epel repository as described [[http://wiki.contribs.org/Epel '''here''']].
 +
 +
Then you can install Haveged:
 +
yum install haveged --enablerepo=epel
     

Navigation menu