Visit Our UNIX and Linux User Community

Linux and UNIX Man Pages

Test Your Knowledge in Computers #684
Difficulty: Medium
According to both NetMarketShare and WikiMedia, Safari claimed a mobile market share of over 40% in 2019.
True or False?
Linux & Unix Commands - Search Man Pages

rngd(8) [centos man page]

RNGD(8) 						      System Manager's Manual							   RNGD(8)

rngd - Check and feed random data from hardware device to kernel random device SYNOPSIS
rngd [-b, --background] [-f, --foreground] [-i, --ignorefail] [-o, --random-device=file] [-p, --pid-file=file] [-r, --rng-device=file] [-s, --random-step=nnn] [-W, --fill-watermark=nnn] [-d, --no-drng=1|0] [-n, --no-tpm=1|0] [-q, --quiet] [-v, --verbose] [-?, --help] [-V, --ver- sion] DESCRIPTION
This daemon feeds data from a random number generator to the kernel's random number entropy pool, after first checking the data to ensure that it is properly random. The -f or --foreground options can be used to tell rngd to avoid forking on startup. This is typically used for debugging. The -b or --background options, which fork and put rngd into the background automatically, are the default. The -r or --rng-device options can be used to select an alternate source of input, besides the default /dev/hwrandom. The -o or --random- device options can be used to select an alternate entropy output device, besides the default /dev/random. Note that this device must sup- port the Linux kernel /dev/random ioctl API. FIXME: document random-step and timeout OPTIONS
-b, --background Become a daemon (default) -f, --foreground Do not fork and become a daemon -p file, --pid-file=file File used for recording daemon PID, and multiple exclusion (default: /var/run/ -i, --ignorefail Ignore repeated fips failures -o file, --random-device=file Kernel device used for random number output (default: /dev/random) -r file, --rng-device=file Kernel device used for random number input (default: /dev/hwrandom) -s nnn, --random-step=nnn Number of bytes written to random-device at a time (default: 64) -W n, --fill-watermark=nnn Once we start doing it, feed entropy to random-device until at least fill-watermark bits of entropy are available in its entropy pool (default: 2048). Setting this too high will cause rngd to dominate the contents of the entropy pool. Low values will hurt system performance during entropy starves. Do not set fill-watermark above the size of the entropy pool (usually 4096 bits). -d 1|0, --no-drng=1|0 Do not use drng as a source of random number input (default:0) -n 1|0, --no-tpm=1|0 Do not use tpm as a source of random number input (default:0) -q, --quiet Suppress error messages -v, --verbose Report available entropy sources -?, --help Give a short summary of all program options. -V, --version Print program version AUTHORS
Philipp Rumpf Jeff Garzik - Matt Sottek Brad Hill rng-tools 4 March 2001 RNGD(8)

Check Out this Related Man Page

RANDOM(4)						     Linux Programmer's Manual							 RANDOM(4)

random, urandom - kernel random number source devices DESCRIPTION
The character special files /dev/random and /dev/urandom (present since Linux 1.3.30) provide an interface to the kernel's random number generator. File /dev/random has major device number 1 and minor device number 8. File /dev/urandom has major device number 1 and minor device number 9. The random number generator gathers environmental noise from device drivers and other sources into an entropy pool. The generator also keeps an estimate of the number of bit of the noise in the entropy pool. From this entropy pool random numbers are created. When read, the /dev/random device will only return random bytes within the estimated number of bits of noise in the entropy pool. /dev/random should be suitable for uses that need very high quality randomness such as one-time pad or key generation. When the entropy pool is empty, reads to /dev/random will block until additional environmental noise is gathered. When read, /dev/urandom device will return as many bytes as are requested. As a result, if there is not sufficient entropy in the entropy pool, the returned values are theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available in the current non-classified literature, but it is theoretically possible that such an attack may exist. If this is a concern in your application, use /dev/random instead. CONFIGURING
If your system does not have /dev/random and /dev/urandom created already, they can be created with the following commands: mknod -m 644 /dev/random c 1 8 mknod -m 644 /dev/urandom c 1 9 chown root:root /dev/random /dev/urandom When a Linux system starts up without much operator interaction, the entropy pool may be in a fairly predictable state. This reduces the actual amount of noise in the entropy pool below the estimate. In order to counteract this effect, it helps to carry entropy pool informa- tion across shut-downs and start-ups. To do this, add the following lines to an appropriate script which is run during the Linux system start-up sequence: echo "Initializing kernel random number generator..." # Initialize kernel random number generator with random seed # from last shut-down (or start-up) to this start-up. Load and # then save 512 bytes, which is the size of the entropy pool. if [ -f /var/random-seed ]; then cat /var/random-seed >/dev/urandom fi dd if=/dev/urandom of=/var/random-seed count=1 Also, add the following lines in an appropriate script which is run during the Linux system shutdown: # Carry a random seed from shut-down to start-up for the random # number generator. Save 512 bytes, which is the size of the # random number generator's entropy pool. echo "Saving random seed..." dd if=/dev/urandom of=/var/random-seed count=1 FILES
/dev/random /dev/urandom AUTHOR
The kernel's random number generator was written by Theodore Ts'o ( SEE ALSO
mknod (1) RFC 1750, "Randomness Recommendations for Security" Linux 1997-08-01 RANDOM(4)

Featured Tech Videos