aboutsummaryrefslogtreecommitdiffstats
path: root/rngd.8.in
blob: de0c34a35f85c0064f7b544865db9c14e8ee0f82 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
.\" Copyright (C) 2001 Jeff Garzik -- jgarzik@pobox.com
.\"
.TH RNGD 8 "March 2001" "@PACKAGE@ @VERSION@"

.SH NAME
rngd \- Check and feed random data from hardware device to kernel random device

.SH SYNOPSIS
.B rngd
[\fB\-b\fR, \fB\-\-background\fR]
[\fB\-f\fR, \fB\-\-foreground\fR]
[\fB\-o\fR, \fB\-\-random-device=\fIfile\fR]
[\fB\-p\fR, \fB\-\-pid-file=\fIfile\fR]
[\fB\-r\fR, \fB\-\-rng-device=\fIfile\fR]
[\fB\-s\fR, \fB\-\-random-step=\fInnn\fR]
[\fB\-W\fR, \fB\-\-fill-watermark=\fInnn\fR]
[\fB\-d\fR, \fB\-\-no-drng=\fI1|0\fR]
[\fB\-n\fR, \fB\-\-no-tpm=\fI1|0\fR]
[\fB\-q\fR, \fB\-\-quiet\fR]
[\fB\-v\fR, \fB\-\-verbose\fR]
[\fB\-?\fR, \fB\-\-help\fR]
[\fB\-V\fR, \fB\-\-version\fR]
.RI

.SH DESCRIPTION
This daemon feeds data from a random number generator to the kernel's
random number entropy pool, after first checking the data to ensure that
it is properly random.
.PP
The \fB\-f\fR or \fB\-\-foreground\fR options can be used to tell
\fBrngd\fR to avoid forking on startup.  This is typically used for
debugging.  The \fB\-b\fR or \fB\-\-background\fR options, which fork and put
\fBrngd\fR into the background automatically, are the default.
.PP
The \fB\-r\fR or \fB\-\-rng-device\fR options can be used to select an
alternate source of input, besides the default /dev/hwrandom.
The \fB\-o\fR or \fB\-\-random-device\fR options can be used to select
an alternate entropy output device, besides the default /dev/random.
Note that this device must support the Linux kernel /dev/random 
ioctl API.
.PP
FIXME: document random-step and timeout

.SH OPTIONS
.TP
\fB\-b\fR, \fB\-\-background\fR
Become a daemon (default)
.TP
\fB\-f\fR, \fB\-\-foreground\fR
Do not fork and become a daemon
.TP
\fB\-p\fI file\fR, \fB\-\-pid-file=\fIfile\fR
File used for recording daemon PID, and multiple exclusion
(default: /var/run/rngd.pid)
.TP
\fB\-o\fI file\fR, \fB\-\-random-device=\fIfile\fR
Kernel device used for random number output
(default: /dev/random)
.TP
\fB\-r\fI file\fR, \fB\-\-rng-device=\fIfile\fR
Kernel device used for random number input
(default: /dev/hwrandom)
.TP
\fB\-s\fI nnn\fR, \fB\-\-random-step=\fInnn\fR
Number of bytes written to random-device at a time (default: 64)
.TP
\fB\-W\fI n\fR, \fB\-\-fill\-watermark=\fInnn\fR
Once we start doing it, feed entropy to \fIrandom-device\fR until at least
\fIfill-watermark\fR bits of entropy are available in its entropy pool (default: 2048).
Setting this too high will cause \fIrngd\fR to dominate the contents of the
entropy pool.  Low values will hurt system performance during entropy 
starves.  Do not set \fIfill-watermark\fR above the size of the
entropy pool (usually 4096 bits).
.TP
\fB\-d\fI 1|0\fR, \fB\-\-no-drng=\fI1|0\fR
Do not use drng as a source of random number input (default:0)
.TP
\fB\-n\fI 1|0\fR, \fB\-\-no-tpm=\fI1|0\fR
Do not use tpm as a source of random number input (default:0)
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Suppress error messages
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Report available entropy sources
.TP
\fB\-?\fR, \fB\-\-help\fR
Give a short summary of all program options.
.TP
\fB\-V\fR, \fB\-\-version\fR
Print program version

.SH AUTHORS
Philipp Rumpf
.br
Jeff Garzik \- jgarzik@pobox.com
.br
Matt Sottek
.br
Brad Hill