User Tools

Site Tools


docs:guide-user:services:rng

Random generator

Introduction

  • This how-to describes the method for setting up a fast RNG on OpenWrt.
  • It may help to minimize system startup time on low performance devices.

Goals

  • Minimize startup time for cryptography-dependent services.
    • Avoid potential deadlock states and race conditions.

Instructions

Provide RNG with rng-tools.

# Install packages
opkg update
opkg install rng-tools
 
# Configure RNG
uci set system.@rngd[0].enabled="1"
uci commit system
/etc/init.d/rngd restart

Use a software RNG by default.

# Use software RNG
uci set system.@rngd[0].device="/dev/urandom"
uci commit system
/etc/init.d/rngd restart

Use a hardware RNG if available.

# Use hardware RNG
uci set system.@rngd[0].device="/dev/hwrng"
uci commit system
/etc/init.d/rngd restart

Testing

Test the entropy pool size.

sysctl kernel.random.entropy_avail

Use rngtest to check the randomness of data.

RNG_DEV="$(uci get system.@rngd[0].device)"
rngtest -c 1000 < ${RNG_DEV}

Troubleshooting

Collect and analyze the following information.

# Restart the services
/etc/init.d/log restart; /etc/init.d/rngd restart
 
# Log and status
logread -e rngd; pgrep -f -a rngd
 
# Persistent configuration
uci show system
This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
docs/guide-user/services/rng.txt · Last modified: 2019/09/18 13:42 by vgaetera