RNGD(8)                     System Manager's Manual                    RNGD(8)


NAME

       rngd - Check and feed random data from hardware device to kernel random
       device


SYNOPSIS

       rngd [-b, --background] [-f, --foreground] [-d, --debug]  [-l,  --list]
       [-x,  --exclude] [-n, --include] [-O, --option] [-i, --ignorefail] [-o,
       --random-device=file]  [-p,  --pid-file=file]  [-r,  --rng-device=file]
       [-s, --random-step=nnn]  [-e, --entropy-count=nnn]  [-t, --test]  [-W,
       --fill-watermark=nnn]  [-R, --force-reseed=nnn]  [-q, --quiet]  [-?,
       --help] [-V, --version]


DESCRIPTION

       This daemon feeds data from a random number generator to the kernel's
       random number entropy pool, after first checking the data to ensure
       that it is properly random.

       The -f or --foreground option tells rngd not to fork on startup.  This
       is typically used for debugging.  The -b or --background option, which
       forks and puts rngd into the background, is the default.

       The -r or --rng-device option selects an alternate source of input
       instead of the default /dev/hwrng.  The -o or --random-device option
       selects an alternate entropy output device instead of the default
       /dev/random.  Note that this device must support the Linux kernel
       /dev/random ioctl API.


OPTIONS

       -b, --background
              Become a daemon (default)

       -f, --foreground
              Do not fork and become a daemon

       -d, --debug
              Enable debug messages

       -l, --list
              List the indexes and names of available entropy sources.  Exit
              code when listing sources is 0 if at least 1 entropy source was
              found and initialized, 1 otherwise.

       -x, --exclude
              Disable entropy sources based on index or (shortname) reported
              by the --list option

       -n, --include
              Enable entropy sources based on index or (shortname) reported
              by the --list option

       -O, --option
              Provide specific config options to individual entropy sources,
              in the format --option [index|shortname]:key:value.  See the
              Entropy Sources section below for indices and source specific
              options.  Note that specifying -O [<index>|<shortname>] alone
              will print the available options for that source to the console

       -p file, --pid-file=file
              File used for recording daemon PID, and multiple exclusion
              (default: /var/run/rngd.pid)

       -i, --ignorefail
              Ignore repeated FIPS failures

       -o file, --random-device=file
              Kernel device used for random number output (default:
              /dev/random)

       -r file, --rng-device=file
              Kernel device used for random number input (default: /dev/hwrng)

       -s nnn, --random-step=nnn
              Number of bytes written to random-device at a time (default: 64)

       -t, --test
              Enter test mode.  In this mode (which implies -f), all generated
              entropy is discarded and rngd reports the amount of entropy
              generated every second

       -e nnn, --entropy-count=nnn
              Number of bits per byte to credit as entropy when adding data to
              the pool.  1<=e<=8 (default: 8)

       -W nnn, --fill-watermark=nnn
              Once rngd starts feeding, it feeds entropy to random-device
              until at least fill-watermark bits of entropy are available in
              its entropy pool.  By default, this value is set to 75% of the
              entropy pool size, or 2048 bits if the entropy pool size could
              not be determined.  Setting this too high will cause rngd to
              dominate the contents of the entropy pool.  Low values will
              hurt system performance during entropy starvation.  Do not set
              fill-watermark above the size of the entropy pool (usually 4096
              bits).  A value of 0 disables the watermark.

       -R nnn, --force-reseed=nnn
              For newer kernels which support non-blocking entropy pools, it
              is still beneficial to periodically add fresh entropy as a
              reseeding event.  --force-reseed defines the number of seconds
              between which fresh entropy is added to the kernel entropy pool.
              Defaults to 5 minutes (300 seconds).

       -q, --quiet
              Suppress all messages

       -?, --help
              Give a short summary of all program options.

       -V, --version
              Print program version


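       The options -o, -e, -s and -W together describe the write side of rngd:
       query the pool's entropy count and, when it is below the watermark,
       write random-step bytes with a credit of entropy-count bits per byte
       through the /dev/random ioctl API.  The following is an added example,
       not rng-tools code, of that path in C using RNDGETENTCNT and
       RNDADDENTROPY from <linux/random.h>.  It assumes Linux, reads its input
       from /dev/hwrng, and reduces rngd's loop to a single step with no wait
       for the pool to drain.  RNDADDENTROPY requires CAP_SYS_ADMIN, so an
       unprivileged run reports EPERM instead of crediting anything.  The
       default watermark is computed here as poolsize*3/4 truncated, which is
       an assumption about the exact rounding.

```c
/*
 * Added example, not rng-tools code: one feed step through the Linux
 * /dev/random ioctl API, the interface that -o, --random-device must support.
 * Assumes Linux; RNDADDENTROPY needs CAP_SYS_ADMIN.
 */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#ifdef __linux__
#include <linux/random.h>   /* struct rand_pool_info, RNDGETENTCNT, RNDADDENTROPY */
#endif

/* Default -W: 75% of the pool size (assumed truncating), or 2048 bits when
 * the pool size is unknown (poolsize_bits <= 0). */
int default_watermark_bits(int poolsize_bits)
{
    return poolsize_bits > 0 ? (poolsize_bits * 3) / 4 : 2048;
}

/* Entropy credit for nbytes at -e bits per byte (1 <= e <= 8); -1 if invalid. */
int entropy_credit_bits(int nbytes, int entropy_count)
{
    if (nbytes < 0 || entropy_count < 1 || entropy_count > 8)
        return -1;
    return nbytes * entropy_count;
}

/* Pool size in bits from /proc, or -1 if it cannot be read. */
int read_poolsize_bits(void)
{
    FILE *f = fopen("/proc/sys/kernel/random/poolsize", "r");
    int v = -1;
    if (!f)
        return -1;
    if (fscanf(f, "%d", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

/* One feed step: if the pool holds fewer than `watermark` bits (0 = no gate),
 * credit `len` bytes at `entropy_count` bits each.  Returns bits credited,
 * 0 when the pool was already at or above the watermark, or -errno on failure. */
int feed_step(int fd, const uint8_t *buf, int len, int entropy_count, int watermark)
{
#ifdef __linux__
    int avail = 0;
    if (ioctl(fd, RNDGETENTCNT, &avail) < 0)
        return -errno;
    if (watermark > 0 && avail >= watermark)
        return 0;
    int credit = entropy_credit_bits(len, entropy_count);
    if (credit < 0)
        return -EINVAL;
    struct rand_pool_info *info = malloc(sizeof(*info) + (size_t)len);
    if (!info)
        return -ENOMEM;
    info->entropy_count = credit;   /* bits the kernel should credit */
    info->buf_size = len;           /* bytes of data that follow */
    memcpy(info->buf, buf, (size_t)len);
    int rc = ioctl(fd, RNDADDENTROPY, info);
    int err = errno;
    free(info);
    return rc < 0 ? -err : credit;
#else
    (void)fd; (void)buf; (void)len; (void)entropy_count; (void)watermark;
    return -ENOSYS;
#endif
}

int main(void)
{
    uint8_t step[64];                          /* -s default: 64 bytes per write */
    int in = open("/dev/hwrng", O_RDONLY);     /* -r default */
    if (in < 0) { perror("open /dev/hwrng"); return 1; }
    size_t got = 0;
    while (got < sizeof step) {
        ssize_t n = read(in, step + got, sizeof step - got);
        if (n <= 0) { perror("read /dev/hwrng"); close(in); return 1; }
        got += (size_t)n;
    }
    close(in);
    /* A real feeder would run its block tests on the data before this point. */
    int wm = default_watermark_bits(read_poolsize_bits());
    int out = open("/dev/random", O_RDWR);     /* -o default */
    if (out < 0) { perror("open /dev/random"); return 1; }
    int rc = feed_step(out, step, (int)sizeof step, 8, wm);
    if (rc < 0)
        fprintf(stderr, "feed_step: %s\n", strerror(-rc));
    else
        printf("watermark %d bits, credited %d bits\n", wm, rc);
    close(out);
    return rc < 0;
}
```

       Reading /proc/sys/kernel/random/entropy_avail before and after a
       privileged run shows the credit landing; with -e below 8 the same 64
       bytes are written but fewer bits are credited, which is the knob to
       turn when a source's output is usable but not fully trusted.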

ENTROPY SOURCES

       Rngd is made up of multiple entropy sources, the data from which is
       aggregated and fed into the kernel's entropy pool.  Note that not all
       entropy sources are available on all systems, and if an entropy source
       is enabled for a system on which it is not appropriate (or possible) to
       use, it may fail initialization.  It is not fatal to rngd for any
       single entropy source to fail during startup.  Only a single entropy
       source is needed for rngd to operate.  The following entropy sources
       are currently defined in rngd:


       Hardware RNG (hwrng) [Index 0]
              The Hardware RNG is a generic entropy source that draws entropy
              from a hardware rng attached by default to /dev/hwrng


       TPM (tpm) [Index 1]
              Entropy drawn from the on-board TPM device.  Note this entropy
              source is deprecated and will be removed soon, as newer TPM
              devices export entropy via /dev/hwrng, which is collected by the
              hwrng source above


       RDRAND/RDSEED (rdrand) [Index 2]
              Entropy drawn from the RDRAND and RDSEED instructions (x86 only)

       Options

              use_aes -  select whether rdrand is used to seed a cprng that
              produces the entropy, or whether all entropy is drawn directly
              from the rdrand instruction (default 0)


       DARN (darn) [Index 3]
              Entropy drawn from the DARN instruction (ppc64 only)

       Options

              use_aes -  select whether the power darn instruction is used to
              directly fill the entropy pool, or whether it is used as a
              periodic seed to an aes based cprng (default 1)


       RNDR (rndr) [Index 8]
              Entropy drawn from the RNDR instruction (aarch64 only)


       Options

              use_aes -  select whether the arm rndr instruction is used to
              directly fill the entropy pool, or whether it is used as a
              periodic seed to an aes based cprng (default 0)


       NIST Entropy Beacon (nist) [Index 4]
              Entropy gathered from the NIST network entropy beacon.  Note
              that this entropy source is disabled by default as it should
              never be used for cryptographic purposes, or any use case in
              which random data should be known only by a single entity.


       JITTER (jitter) [Index 5]
              Entropy gathered by measuring timing variance of operations on
              the local cpu

       Options
              thread_count -  Set the number of threads that the jitter
              entropy source will spawn

              buffer_size -  Set the size of the buffer cache that each thread
              maintains

              refill_thresh -  Set the low watermark for the cache that
              triggers its corresponding thread to start refill operations

              retry_count -  If all entropy buffers are empty, retry this many
              times before giving up.  Note that jitterentropy can take
              several seconds to refill a buffer, and so retries after a delay
              may be preferable to repeatedly spinning on an empty buffer
              (default 1)

              retry_delay -  between each retry for retry_count above, sleep
              for this many seconds.  May also be the special value -1,
              representing adaptive sleep, where each retry delay will be half
              the recorded execution time of the last entropy gathering round
              (default -1)

              force_soft_timer -  on platforms with a hardware timer that is
              too coarse to sample jitter, we can instead use a software based
              timer loop.  Detection and use of this mechanism is automatic,
              but this option can be useful for testing purposes


       PKCS11 (pkcs11) [Index 6]
              Entropy gathered via the opensc openssl engine, which can
              extract entropy from various smart card readers

       Options
              engine_path -  Set the path of the pkcs11 engine DSO to load

              chunk_size -  Some pkcs11 engines have restrictions on how much
              data can be requested at a time; this option allows the request
              to be subdivided into smaller chunks to be satisfied


       RTLSDR (rtlsdr) [Index 7]
              Entropy gathered via the rtl software defined radio library,
              which can gather entropy using various usb software defined
              radios listening to random radio static

       Options
              devid -  When multiple devices are available, the integer index
              of the device to use

              freq_min -  The minimum frequency of the range to scan

              freq_max -  The maximum frequency of the range to scan

              sample_min -  The minimum sample rate of the radio

              sample_max -  The maximum sample rate of the radio



AUTHORS

       Philipp Rumpf
       Jeff Garzik - jgarzik@pobox.com
       Matt Sottek
       Brad Hill
       Neil Horman - nhorman@tuxdriver.com



rng-tools 6.14                    March 2001                           RNGD(8)