Random generator

This article relies on the following:

Introduction

  • This how-to describes the method for optimizing RNG on OpenWrt.
  • It may help to minimize system startup time on low performance devices.

Goals

  • Minimize startup time for cryptography-dependent services.
    • Avoid potential deadlock states and race conditions.

Command-line instructions

Provide fast RNG with rng-tools. 

# Install packages
opkg update
opkg install rng-tools
 
# Configure RNG
uci set system.@rngd[0].enabled="1"
uci commit system
/etc/init.d/rngd restart

Testing

Test the entropy pool size. 

sysctl kernel.random.entropy_avail

Use rngtest to check the randomness of data. 

RNG_DEV="$(uci get system.@rngd[0].device)"
rngtest -c 1000 < ${RNG_DEV}

Troubleshooting

Collect and analyze the following information. 

# Restart services
/etc/init.d/log restart; /etc/init.d/rngd restart
 
# Log and status
logread -e rngd; pgrep -f -a rngd
 
# Persistent configuration
uci show system

Extras

Software RNG

Use software RNG by default. 

# Use software RNG
uci set system.@rngd[0].device="/dev/urandom"
uci commit system
/etc/init.d/rngd restart

Hardware RNG

Use hardware RNG if available. 

# Use hardware RNG
uci set system.@rngd[0].device="/dev/hwrng"
uci commit system
service urngd disable && service urngd stop
/etc/init.d/rngd restart
This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2022/01/19 13:24
  • by timur_davletshin