/

rngd (8) Linux Manual Page

ByLinux Manual Posted on Updated on

rngd – Check and feed random data from hardware device to kernel random device

Synopsis

rngd [-b, –background] [-f, –foreground] [-i, –ignorefail] [-o, –random-device=file] [-p, –pid-file=file] [-r, –rng-device=file] [-s, –random-step=nnn] [-W, –fill-watermark=nnn] [-d, –no-drng=1|0] [-n, –no-tpm=1|0] [-q, –quiet] [-v, –verbose] [-?, –help] [-V, –version]

Description

This daemon feeds data from a random number generator to the kernel’s random number entropy pool, after first checking the data to ensure that it is properly random. The -f or –foreground options can be used to tell rngd to avoid forking on startup. This is typically used for debugging. The -b or –background options, which fork and put rngd into the background automatically, are the default. The -r or –rng-device options can be used to select an alternate source of input, besides the default /dev/hwrng. The -o or –random-device options can be used to select an alternate entropy output device, besides the default /dev/random. Note that this device must support the Linux kernel /dev/random ioctl API.

Options

-b, –background

Become a daemon (default)

-f, –foreground

Do not fork and become a daemon

-p file, –pid-file=file

File used for recording daemon PID, and multiple exclusion (default: /var/run/rngd.pid)

-i, –ignorefail

Ignore repeated fips failures

-o file, –random-device=file

Kernel device used for random number output (default: /dev/random)

-r file, –rng-device=file

Kernel device used for random number input (default: /dev/hwrng)

-s nnn, –random-step=nnn

Number of bytes written to random-device at a time (default: 64)

-e nnn, –entropy-count=nnn

Number of bits to consider random when adding entropy. 1<=e<=8 (default: 8)

-W n, –fill-watermark=nnn

Once we start doing it, feed entropy to random-device until at least fill-watermark bits of entropy are available in its entropy pool (default: 2048). Setting this too high will cause rngd to dominate the contents of the entropy pool. Low values will hurt system performance during entropy starves. Do not set fill-watermark above the size of the entropy pool (usually 4096 bits).

-d 1|0, –no-drng=1|0

Do not use drng as a source of random number input (default:0)

-n 1|0, –no-tpm=1|0

Do not use tpm as a source of random number input (default:0)

-q, –quiet

Suppress error messages

-v, –verbose

Report available entropy sources, and exit

-?, –help

Give a short summary of all program options.

-V, –version

Print program version

Authors

Philipp Rumpf
Jeff Garzik – jgarzik [at] pobox.com
Matt Sottek
Brad Hill

Leave a Reply

Your email address will not be published. Required fields are marked *