1random(7D)                          Devices                         random(7D)
2
3
4

NAME

6       random, urandom - Strong random number generator device
7

SYNOPSIS

9       /dev/random
10
11
12       /dev/urandom
13
14

DESCRIPTION

16       The  /dev/random  and  /dev/urandom  files are special files that are a
17       source for random bytes generated by the kernel random number generator
18       device.  The /dev/random and /dev/urandom files are suitable for appli‐
19       cations requiring high quality random numbers  for  cryptographic  pur‐
20       poses.
21
22
23       The  generator  device  produces  random  numbers from data and devices
24       available to the kernel and estimates  the  amount  of  randomness  (or
25       "entropy")  collected  from these sources. The entropy level determines
26       the amount of high quality random numbers that are produced at a  given
27       time.
28
29
30       Applications retrieve random bytes by reading /dev/random or /dev/uran‐
31       dom. The /dev/random interface returns random bytes  only  when  suffi‐
32       cient  amount  of entropy has been collected. If there is no entropy to
33       produce the requested number of bytes, /dev/random  blocks  until  more
34       entropy  can  be obtained. Non-blocking I/O mode can be used to disable
35       the blocking behavior. The /dev/random interface also supports poll(2).
36       Note  that  using  poll(2)  will not increase the speed at which random
37       numbers can be read.
38
39
40       Bytes retrieved from /dev/random provide  the  highest  quality  random
41       numbers  produced  by  the  generator, and can be used to generate long
42       term keys and other high value keying material.
43
44
45       The  /dev/urandom interface returns bytes regardless of the  amount  of
46       entropy  available.  It does not block on a read request due to lack of
47       entropy. While bytes produced by  the  /dev/urandom  interface  are  of
48       lower  quality than bytes produced by /dev/random, they are nonetheless
49       suitable for less demanding and shorter term cryptographic uses such as
50       short term session keys, paddings, and challenge strings.
51
52
53       Data  can  be  written to /dev/random and /dev/urandom. Data written to
54       either special file is added to the generator's  internal  state.  Data
55       that  is  difficult to predict by other users may contribute randomness
56       to the generator state and help improve the quality of future generated
57       random numbers.
58
59
60       /dev/random  collects  entropy  from providers that are registered with
61       the kernel-level cryptographic framework and  implement  random  number
62       generation  routines. The cryptoadm(1M) utility allows an administrator
63       to configure which providers will be used with /dev/random.
64

ERRORS

66       EAGAIN     O_NDELAY or O_NONBLOCK was  set  and  no  random  bytes  are
67                  available for reading from /dev/random.
68
69
70       EINTR      A   signal   was  caught  while  reading  and  no  data  was
71                  transferred.
72
73
74       ENOXIO     open(2) request failed on  /dev/random  because  no  entropy
75                  provider is available.
76
77

FILES

79       /dev/random
80
81
82       /dev/urandom
83
84

ATTRIBUTES

86       See attributes(5) for descriptions of the following attributes:
87
88
89
90
91       ┌─────────────────────────────┬─────────────────────────────┐
92       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
93       ├─────────────────────────────┼─────────────────────────────┤
94       │Availability                 │ SUNWcsr                     │
95       │Interface Stability          │Evolving                     │
96       └─────────────────────────────┴─────────────────────────────┘
97

SEE ALSO

99       cryptoadm(1M), open(2), poll(2), attributes(5)
100

NOTES

102       /dev/random  can be configured to use only the hardware-based providers
103       registered with the kernel-level cryptographic framework  by  disabling
104       the software-based provider using cryptoadm(1M). You can also use cryp‐
105       toadm(1M) to obtain the name of the software-based provider.
106
107
108       Because no entropy is available,  disabling  all  randomness  providers
109       causes  read(2)  and  poll(2)  on /dev/random to block indefinitely and
110       results in a warning message being logged and displayed on  the  system
111       console.  However, read(2) and poll(2) on /dev/urandom continue to work
112       in this case.
113
114
115       An implementation of the /dev/random and /dev/urandom kernel-based ran‐
116       dom number generator first appeared in Linux 1.3.30.
117
118
119       A /dev/random interface for Solaris first appeared as part of the Cryp‐
120       toRand implementation.
121
122
123
124SunOS 5.11                        1 Sep 2008                        random(7D)
Impressum