1RNGD(8) System Manager's Manual RNGD(8)
2
6 rngd - Check and feed random data from hardware device to kernel random
7 device
8
11 rngd [-b, --background] [-f, --foreground] [-d, --debug] [-l, --list]
12 [-x, --exclude] [-n, --include] [-O, --option] [-i, --ignorefail] [-o,
13 --random-device=file] [-p, --pid-file=file] [-r, --rng-device=file]
14 [-s, --random-step=nnn] [-t, --test] [-W, --fill-watermark=nnn] [-R,
15 --force-reseed=nnn] [-q, --quiet] [-?, --help] [-V, --version]
16
19 This daemon feeds data from a random number generator to the kernel's
20 random number entropy pool, after first checking the data to ensure
21 that it is properly random.
22 The -f or --foreground options can be used to tell rngd to avoid fork‐
24 ing on startup. This is typically used for debugging. The -b or
25 --background options, which fork and put rngd into the background auto‐
26 matically, are the default.
27 The -r or --rng-device options can be used to select an alternate
29 source of input, besides the default /dev/hwrng. The -o or --random-
30 device options can be used to select an alternate entropy output de‐
31 vice, besides the default /dev/random. Note that this device must sup‐
32 port the Linux kernel /dev/random ioctl API.
33
35 -b, --background
36 Become a daemon (default)
37 -f, --foreground
39 Do not fork and become a daemon
40 -d, --debug
42 Enable debug messages
43 -l, --list
45 List the indexes and names of available entropy sources. Exit
46 code when listing sources is 0 if at least 1 entropy source was
47 found and initialized, 1 otherwise.
48 -x, --exclude
50 Disable entropy sources based on index or (shortname) reported
51 from --list option
52 -n, --include
54 Enable entropy sources based on index or (shortname) reported
55 from --list option
56 -O, --option
58 Provide specific config options to individual entropy sources,
59 in the format --option [index|shortname]:key:value. See Entropy
60 Sources section below for indices and source specific options.
61 Note that specifying -O [<index>|<shortname>] will print the
62 available options for that index to the console
63 -p file, --pid-file=file
65 File used for recording daemon PID, and multiple exclusion (de‐
66 fault: /var/run/rngd.pid)
67 -i, --ignorefail
69 Ignore repeated fips failures
70 -o file, --random-device=file
72 Kernel device used for random number output (default: /dev/ran‐
73 dom)
74 -r file, --rng-device=file
76 Kernel device used for random number input (default: /dev/hwrng)
77 -s nnn, --random-step=nnn
79 Number of bytes written to random-device at a time (default: 64)
80 -t, --test
82 Enter test mode. In this mode (which implies -f), all generated
83 entropy is discarded and rngd reports the amount of entropy gen‐
84 erated every second
85 -e nnn, --entropy-count=nnn
87 Number of bits to consider random when adding entropy. 1<=e<=8
88 (default: 8)
89 -W n, --fill-watermark=nnn
91 Once we start doing it, feed entropy to random-device until at
92 least fill-watermark bits of entropy are available in its en‐
93 tropy pool. By default, this value is set to 75% of the entropy
94 pool size or 2048 bits if the entropy pool size couldn't be de‐
95 termined. Setting this too high will cause rngd to dominate the
96 contents of the entropy pool. Low values will hurt system per‐
97 formance during entropy starves. Do not set fill-watermark
98 above the size of the entropy pool (usually 4096 bits). A value
99 of 0 to this option will cause no watermark to be set.
100 -R n, --force-reseed=nnn
102 For newer kernels which support non-blocking entropy pools, it
103 is still beneficial to periodically add fresh entropy as a re‐
104 seeding event. --force-reseed defines the number of seconds be‐
105 tween which fresh entropy is added to the kernel entropy pool.
106 Defaults to 5 minutes.
107 -q, --quiet
109 Suppress all messages
110 -?, --help
112 Give a short summary of all program options.
113 -V, --version
115 Print program version
116
119 Rngd is made up of multiple entropy sources, the data from which is
120 aggregated and fed into the kernels entropy pool. Note that not all
121 entropy sources are available on all systems, and if an entropy source
122 is enabled for a system on which it is not appropriate (or possible) to
123 use, it may fail initialization. It is not fatal to rngd for any sin‐
124 gle entropy source to fail during startup. Only a single entropy
125 sources is needed for rngd to operate. The following entropy sources
126 are currently defined in rngd
127 Hardware RNG (hwrng) [Index 0]
130 The Hardware RNG is a generic entropy source that draws entropy
131 from a hardware rng attached by default to /dev/hwrng
132 TPM (tpm) [Index 1]
135 Entropy drawn from on board TPM device. Note this entropy
136 source is deprecated and will be removed soon, as newer tpm de‐
137 vices export entropy via /dev/hwrng, which is collected by the
138 hwrng source above
139 RDRAND/RDSEED (rdrand) [Index 2]
142 Entropy drawn from the RDRAND and RDSEED instructions (x86 only)
143 Options
145 use_aes - select if rdrand is used to seed a cprng to produce
147 entropy, or if all entropy is drawn directly from rdrand in‐
148 struction (default 0)
149 DARN (darn) [Index 3]
152 Entropy drawn from the DARN instruction (ppc64 only)
153 Options
155 use_aes - select if the power darn instruction is used to di‐
157 rectly fill the entropy poll, or if it is used as a periodic
158 seed to an aes based cprng (default 1)
159 RNDR (rndr) [Index 8]
162 Entropy drawn from the RNDR instruction (aarch64 only)
163 Options
166 use_aes - select if the arm rndr instruction is used to di‐
168 rectly fill the entropy poll, or if it is used as a periodic
169 seed to an aes based cprng (default 0)
170 NIST Entropy Beacon (nist) [Index 4]
173 Entropy gathered from the NIST network entropy beacon. Note
174 that this entropy source is disabled by default as it should
175 never be used for cryptographic purposes, or any use case in
176 which random data should be known only by a single entity.
177 JITTER (jitter) [Index 5]
180 Entropy gathered by measuring timing variance of operations on
181 the local cpu
182 Options
184 thread_count - Set the number of threads that the jitter en‐
185 tropy source will spawn
186 buffer_size - Set the size of the buffer cache that each thread
188 maintains
189 refill_thresh - Set the low watermark for the cache that trig‐
191 gers its corresponding thread to start refill operations
192 retry_count - If all entropy buffers are empty, retry this many
194 times before giving up. Note that jitterentropy can take sev‐
195 eral seconds to refill a buffer, and so retries after a delay
196 may be preferable to repeatedly spining on an empty buffer (de‐
197 fault 1)
198 retry_delay - between each retry for retry_count above, sleep
200 for this many seconds. May also be the special value -1, repre‐
201 senting adaptive sleep, where each retry delay will be half the
202 recorded execution time of the last entropy gathering round (de‐
203 fault -1)
204 force_soft_timer - on platforms with a hardware timer that is
206 too coarse to sample jitter, we can instead use a software based
207 timer loop. Detection and use of this mechanism is automatic,
208 but this can be useful for testing purposes
209 PKCS11 (pkcs11) [Index 6]
212 Entropy gathered via the opensc openssl engine, which can ex‐
213 tract entropy from various smart card readers
214 Options
216 engine_path - Set the patch for the pkcs11 engine DSO to load
217 chunk_size - Some pkcs11 engines have restrictions on how much
219 data can be requested at a time, this option allows for the re‐
220 quest to be subdivided into smaller chunks to be satisfied
221 RTLSDR (rtlsdr) [Index 7]
224 Entropy gathered via the rtl software defined radio library,
225 which can gather entropy using various usb software defined ra‐
226 dios listening to random radio static
227 Options
229 devid - When multiple devices are available the integer index
230 of the device to use
231 freq_min - The minimum frequence range to scan in
233 freq_max - The maximum frequency range to scan in
235 sample_min - The minimum sample rate of the radio
237 sample_max - The maximum sample rate of the radio
239
242 Philipp Rumpf
243 Jeff Garzik - jgarzik@pobox.com
244 Matt Sottek
245 Brad Hill
246 Neil Horman - nhorman@tuxdriver.com
247rng-tools 6.14 March 2001 RNGD(8)