RNGD(8)                     System Manager's Manual                    RNGD(8)

NAME
       rngd - Check and feed random data from hardware device to kernel random
       device

SYNOPSIS
       rngd [-b, --background] [-f, --foreground] [-d, --debug] [-l, --list]
       [-x, --exclude] [-n, --include] [-O, --option] [-i, --ignorefail]
       [-o, --random-device=file] [-p, --pid-file=file] [-r, --rng-device=file]
       [-s, --random-step=nnn] [-e, --entropy-count=nnn] [-t, --test]
       [-W, --fill-watermark=nnn] [-R, --force-reseed=nnn]
       [-D, --drop-privileges=user:group] [-q, --quiet] [-?, --help]
       [-v, --version]

DESCRIPTION
       This daemon feeds data from a random number generator to the kernel's
       random number entropy pool, after first checking the data to ensure
       that it is properly random.

       The -f or --foreground options can be used to tell rngd to avoid
       forking on startup. This is typically used for debugging. The -b or
       --background options, which fork and put rngd into the background
       automatically, are the default.

       The -r or --rng-device options can be used to select an alternate
       source of input, besides the default /dev/hwrng. The -o or
       --random-device options can be used to select an alternate entropy
       output device, besides the default /dev/random. Note that this device
       must support the Linux kernel /dev/random ioctl API.

OPTIONS
       -b, --background
              Become a daemon (default)

       -f, --foreground
              Do not fork and become a daemon

       -d, --debug
              Enable debug messages

       -l, --list
              List the indexes and names of available entropy sources. Exit
              code when listing sources is 0 if at least 1 entropy source was
              found and initialized, 1 otherwise.

       -x, --exclude
              Disable entropy sources based on index or (shortname) reported
              by the --list option

       -n, --include
              Enable entropy sources based on index or (shortname) reported
              by the --list option

       -O, --option
              Provide specific config options to individual entropy sources,
              in the format --option [index|shortname]:key:value. See the
              ENTROPY SOURCES section below for indices and source-specific
              options. Note that specifying -O [<index>|<shortname>] with no
              key will print the available options for that source to the
              console.

       -p file, --pid-file=file
              File used for recording the daemon PID, and for multiple
              exclusion (default: /var/run/rngd.pid)

       -i, --ignorefail
              Ignore repeated FIPS failures

       -o file, --random-device=file
              Kernel device used for random number output (default:
              /dev/random)

       -r file, --rng-device=file
              Kernel device used for random number input (default: /dev/hwrng)

       -s nnn, --random-step=nnn
              Number of bytes written to random-device at a time (default: 64)

       -t, --test
              Enter test mode. In this mode (which implies -f), all generated
              entropy is discarded and rngd reports the amount of entropy
              generated every second.

       -e nnn, --entropy-count=nnn
              Number of bits per byte to consider random when adding entropy.
              1<=e<=8 (default: 8)

       -W nnn, --fill-watermark=nnn
              Once we start doing it, feed entropy to random-device until at
              least fill-watermark bits of entropy are available in its
              entropy pool. By default, this value is set to 75% of the
              entropy pool size, or 2048 bits if the entropy pool size could
              not be determined. Setting this too high will cause rngd to
              dominate the contents of the entropy pool. Low values will hurt
              system performance during entropy starvation. Do not set
              fill-watermark above the size of the entropy pool (usually 4096
              bits). A value of 0 for this option will cause no watermark to
              be set.

       -R nnn, --force-reseed=nnn
              For newer kernels which support non-blocking entropy pools, it
              is still beneficial to periodically add fresh entropy as a
              reseeding event. --force-reseed defines the number of seconds
              between which fresh entropy is added to the kernel entropy
              pool. Defaults to 5 minutes.

       -D, --drop-privileges=user:group
              Drop privileges to the specified user and group after
              initialization. The user and group can each be specified as a
              name or as a numerical id, and must be separated with a colon.
              Both the user and the group must exist. The default is not to
              drop privileges.

       -q, --quiet
              Suppress all messages

       -?, --help
              Give a short summary of all program options

       -v, --version
              Print program version

ENTROPY SOURCES
       rngd is made up of multiple entropy sources, the data from which is
       aggregated and fed into the kernel's entropy pool. Note that not all
       entropy sources are available on all systems, and if an entropy source
       is enabled for a system on which it is not appropriate (or possible)
       to use, it may fail initialization. It is not fatal to rngd for any
       single entropy source to fail during startup. Only a single entropy
       source is needed for rngd to operate. The following entropy sources
       are currently defined in rngd.

       Hardware RNG (hwrng) [Index 0]
              The Hardware RNG is a generic entropy source that draws entropy
              from a hardware rng attached by default to /dev/hwrng

       TPM (tpm) [Index 1]
              Entropy drawn from the on-board TPM device. Note that this
              entropy source is deprecated and will be removed soon, as newer
              TPM devices export entropy via /dev/hwrng, which is collected
              by the hwrng source above

       RDRAND/RDSEED (rdrand) [Index 2]
              Entropy drawn from the RDRAND and RDSEED instructions (x86 only)

              Options

              use_aes - select if rdrand is used to seed a cprng to produce
              entropy, or if all entropy is drawn directly from the rdrand
              instruction (default 0)

       DARN (darn) [Index 3]
              Entropy drawn from the DARN instruction (ppc64 only)

              Options

              use_aes - select if the power darn instruction is used to
              directly fill the entropy pool, or if it is used as a periodic
              seed to an aes based cprng (default 1)

       RNDR (rndr) [Index 8]
              Entropy drawn from the RNDR instruction (aarch64 only)

              Options

              use_aes - select if the arm rndr instruction is used to
              directly fill the entropy pool, or if it is used as a periodic
              seed to an aes based cprng (default 0)

       NIST Entropy Beacon (nist) [Index 4]
              Entropy gathered from the NIST network entropy beacon. Note
              that this entropy source is disabled by default as it should
              never be used for cryptographic purposes, or for any use case
              in which random data should be known only by a single entity.

       JITTER (jitter) [Index 5]
              Entropy gathered by measuring timing variance of operations on
              the local cpu

              Options

              thread_count - Set the number of threads that the jitter
              entropy source will spawn

              buffer_size - Set the size of the buffer cache that each thread
              maintains

              refill_thresh - Set the low watermark for the cache that
              triggers its corresponding thread to start refill operations

              retry_count - If all entropy buffers are empty, retry this many
              times before giving up. Note that jitterentropy can take
              several seconds to refill a buffer, and so retries after a
              delay may be preferable to repeatedly spinning on an empty
              buffer (default 1)

              retry_delay - between each retry for retry_count above, sleep
              for this many seconds. May also be the special value -1,
              representing adaptive sleep, where each retry delay will be
              half the recorded execution time of the last entropy gathering
              round (default -1)

              force_soft_timer - on platforms with a hardware timer that is
              too coarse to sample jitter, we can instead use a software
              based timer loop. Detection and use of this mechanism is
              automatic, but this option can be useful for testing purposes

       PKCS11 (pkcs11) [Index 6]
              Entropy gathered via the opensc openssl engine, which can
              extract entropy from various smart card readers

              Options

              engine_path - Set the path of the pkcs11 engine DSO to load

              chunk_size - Some pkcs11 engines have restrictions on how much
              data can be requested at a time; this option allows the
              request to be subdivided into smaller chunks to be satisfied

       RTLSDR (rtlsdr) [Index 7]
              Entropy gathered via the rtl software defined radio library,
              which can gather entropy using various usb software defined
              radios listening to random radio static

              Options

              devid - When multiple devices are available, the integer index
              of the device to use

              freq_min - The minimum frequency of the range to scan in

              freq_max - The maximum frequency of the range to scan in

              sample_min - The minimum sample rate of the radio

              sample_max - The maximum sample rate of the radio

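       The --option selectors above are easy to get wrong (a mistyped key is
       silently meaningless to the daemon, and index and shortname are
       interchangeable). The following is an added example, not code from
       rng-tools: it resolves an index or shortname against the source table
       in this page, checks a -O value against the option keys each source
       documents (treating an unlisted key as an error is this example's own
       choice, not rngd's behaviour), and computes the default -W watermark.

```python
"""Added example (not part of rng-tools): validate rngd source selectors
and --option values against the ENTROPY SOURCES table in rngd(8)."""

# Sources keyed by index: (shortname, option keys listed in the man page).
SOURCES = {
    0: ("hwrng", set()),
    1: ("tpm", set()),
    2: ("rdrand", {"use_aes"}),
    3: ("darn", {"use_aes"}),
    4: ("nist", set()),
    5: ("jitter", {"thread_count", "buffer_size", "refill_thresh",
                   "retry_count", "retry_delay", "force_soft_timer"}),
    6: ("pkcs11", {"engine_path", "chunk_size"}),
    7: ("rtlsdr", {"devid", "freq_min", "freq_max",
                   "sample_min", "sample_max"}),
    8: ("rndr", {"use_aes"}),
}


def resolve_source(selector):
    """Map a -x/-n/-O selector (index '5' or shortname 'jitter') to its
    index, or None if the page lists no such source."""
    if selector.isdigit() and int(selector) in SOURCES:
        return int(selector)
    for idx, (name, _) in SOURCES.items():
        if name == selector:
            return idx
    return None


def available_options(selector):
    """What '-O <index>|<shortname>' with no key would print: the option
    keys the selected source documents."""
    idx = resolve_source(selector)
    if idx is None:
        raise ValueError(f"unknown entropy source {selector!r}")
    return sorted(SOURCES[idx][1])


def parse_option(arg):
    """Parse a -O value 'index|shortname:key:value' into (index, key, value).
    The value keeps any further ':' (e.g. an engine_path containing one)."""
    parts = arg.split(":", 2)
    if len(parts) != 3:
        raise ValueError(f"expected source:key:value, got {arg!r}")
    idx = resolve_source(parts[0])
    if idx is None:
        raise ValueError(f"unknown entropy source {parts[0]!r}")
    name, keys = SOURCES[idx]
    if parts[1] not in keys:
        raise ValueError(f"source {name} documents no option {parts[1]!r}")
    return idx, parts[1], parts[2]


def default_fill_watermark(pool_size_bits):
    """Default -W: 75% of the pool size, or 2048 bits if it is unknown."""
    return 2048 if pool_size_bits is None else pool_size_bits * 3 // 4
```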
AUTHORS
       Philipp Rumpf
       Jeff Garzik - jgarzik@pobox.com
       Matt Sottek
       Brad Hill
       Neil Horman - nhorman@tuxdriver.com

rng-tools 6.15                   March 2001                            RNGD(8)