rngd

Check and feed random data from an entropy source to an entropy sink

rngd [-b | --background | -f | --foreground]
[-p file | --pidfile=file]
[-B n | --rng-buffers=n] [--hrng=name] [-R name | --rng-driver=name] [-r file | --rng-device=file]
[-H n.nnn | --rng-entropy=n.nnn] [-Q quality | --rng-quality=quality]
[-T n | --rng-timeout=n] [-o file | --random-device=file] [-s n | --random-step=n]
[-W n | --fill-watermark=n[%]]
[-t n | --feed-interval=n]
[-?] [--help] [-V] [--version]

This documentation is severely abridged; see the man page and other references for full descriptions.

Feeds entropy from a trusted source of randomness (called an entropy source), such as a True Random Number Generator (TRNG), to an entropy sink such as the kernel's entropy pool.

The primary purpose of rngd is to keep the sink's entropy pool as full of randomness as possible.

If working with the kernel as an entropy sink, and the entropy pool is full, the daemon will force-feed the kernel random-step*8 bits of data every feed-interval seconds, to stir the entropy pool.

-b
--background
Become a daemon (default).
-f
--foreground
Do not fork, nor detach from the controlling terminal.
-R name
--rng-driver=name
Entropy source driver.
stream is a general purpose Unix stream input driver, capable of receiving data from a file, named pipe, or Unix character device.
viapadlock a user-space driver for the TRNG embedded on some VIA CPUs
-o file
--random-device=file
Kernel device used for entropy output. (default: /dev/random)
-r file
--rng-device=file
Kernel device, fifo or file used for entropy input by the stream entropy source driver. (default: /dev/hwrng)
--hrng=name
Selects known-good defaults for some HRNGs. --hrng=help lists the known HRNGs.
On a Raspberry Pi B, 2019-12-05:
rngd --hrng=help
RNG         Description
intelfwh    "Intel FWH (82802AB/AC) RNG"
            rng-driver=UNIX stream, rng-entropy=0.998, rng-buffers=5;
viakernel   "VIA Padlock RNG (Kernel driver, deprecated)"
            rng-driver=UNIX stream, rng-entropy=0.750, rng-buffers=3;
viapadlock  "VIA Padlock RNG"
            rng-driver=VIA PadLock TRNG, rng-entropy=auto, rng-buffers=3;
-H n.n
--rng-entropy=n.n
Entropy per bit of input data. This is a floating point number between 0 and 1 (inclusive). (default: 1.0)
-Q quality
--rng-quality=quality
default, low, medium or high. Selects the quality of the random data an entropy source will generate. Do not use anything but high if the entropy sink will use the random data directly, instead of using it to seed a PRNG/entropy pool. Ignored by stream entropy source driver.
-B n
--rng-buffers=n
Number of 20,000-bit buffers to use; each buffer is approved or discarded by the FIPS tests. (default: 3)
Decreasing the number of buffers below 3 can degrade rngd's performance.
Increasing it above 3 only helps with very big bursts of entropy usage that a larger number of buffers can accommodate.
-s n
--random-step=n
Number of bytes written to random-device at a time. This number should be even, and between 8 and 2500. Setting it too high will cause rngd to dominate the contents of the entropy pool. Values above 256 are unlikely to increase performance. (default: 64)
-W n
--fill-watermark=n[%]
Once started, feed entropy to random-device until at least fill-watermark bits of entropy are available.
High values cause rngd to dominate the contents of the entropy pool.
Low values will hurt system performance during entropy starves.
fill-watermark can be specified either as an absolute number of bits, or as a percentage of the total size of the entropy pool. (default: 50%)
-t n
--feed-interval=n
If feed-interval is not zero, rngd will force-feed entropy to the random device even when the entropy pool is full every feed-interval seconds. Setting this too low may cause rngd to dominate the contents of the entropy pool. (default: 60)
--timeout=n
Deprecated, use --feed-interval instead.
-T n
--rng-timeout=n
Time to wait for data to start coming from the entropy source, before aborting.
Zero disables this timeout. (default: 10)
-p file
--pidfile=file
File to write PID to when running in background mode. (default: /var/run/rngd.pid)
-?
--help
-V
--version
WARNING: rngd can dominate the kernel's entropy pool by feeding it so much data, so often, that other sources of entropy are ignored or lost. Do not do that unless you trust rngd's source of random data completely.

There is usually not much bandwidth available from a HRNG. Don't drain too much with too low a feed-interval, or rngd may not have enough data in its buffers when the kernel gets low on entropy.

Statistics

rngd dumps statistics hourly, or when sent SIGUSR1: to stderr in foreground mode, to syslog in background mode.

Raspberry Pi Zero W (dapi2):

 2019-12-05 16:41:27 dapi2 daemon.info rngd[251]: stats: 

 bits received from HRNG source: 2,460,064
 bits sent to kernel pool: 2,412,288
 entropy added to kernel pool: 2,412,288
 FIPS 140-2 successes: 123
 FIPS 140-2 failures: 0
 FIPS 140-2(2001-10-10) Monobit: 0
 FIPS 140-2(2001-10-10) Poker: 0
 FIPS 140-2(2001-10-10) Runs: 0
 FIPS 140-2(2001-10-10) Long run: 0
 FIPS 140-2(2001-10-10) Continuous run: 0
 HRNG source speed: (min=83.776; avg=267.081; max=690.126)Kibits/s
 FIPS tests speed: (min=571.206; avg=4804.457; max=6351.626)Kibits/s
 Lowest ready-buffers level: 0
 Entropy starvations: 86
 Time spent starving for entropy: (min=6,943; avg=28,116.221; max=94,230)us
FIPS 140-2 successes and failures: blocks accepted or rejected by the FIPS tests.
HRNG source speed: speed of reading a 20000-bit block of data from the source.
FIPS tests speed: speed of running the FIPS tests on a 20000-bit block of data.
Lowest ready-buffers level: the lowest number of buffers ready to be fed to the kernel (i.e. approved by the FIPS tests) seen so far.
Entropy starvations: times the kernel asked rngd for entropy and rngd had none to give.
Time spent starving for entropy: the time rngd spent waiting for a buffer with good entropy to become available during a starvation.

Seems to this author that the only warning information in the stats is Lowest level and starvations; see example.
Maybe use rsyslog filter or cleanLog to delete stats: FIPS 140-2 forum

Signals

Signals should be sent to the process listed in the pidfile.

SIGTERM terminates rngd cleanly.
SIGUSR1 dumps statistics

Exit Status

 0 no errors
 1 rng-source is misbehaving. ??
10 there are problems with the parameters, pidfile, or rng-device cannot be opened.
11 input/output error happened
12 an operating system or resource starvation error happened

Don't shrink the capacity of the kernel entropy pool while rngd is running; restart rngd whenever the kernel entropy pool size is changed.

Files

/dev/random, /dev/hwrng, /var/run/rngd.pid, /proc/sys/kernel/random/poolsize /proc/sys/kernel/random/write_wakeup_threshold

See also

random(4), rngtest(1)
Check available entropy:
cat /proc/sys/kernel/random/entropy_avail
A review of the statistics on dapi2 shows a need for change:
 egrep 'Lowest|starvations'  daemon.info  | grep -v 's: 0' |grep -v 'l: [1-9]'
2019-12-05 12:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 12:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 13:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 13:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 14:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 14:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 15:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 15:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 16:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 16:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 17:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 17:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
Time period covered by daemon.info:
cut -c6-14 daemon.info |uniq |tail
12-05 09:
12-05 10:
12-05 11:
12-05 12:
12-05 13:
12-05 14:
12-05 15:
12-05 16:
12-05 17:
12-05 18:
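The hourly stats lines are easier to judge when the change between consecutive dumps is computed rather than the raw counter, which repeats every hour when nothing new has happened. The script below is an added example, not part of rng-tools or of the notes above; it assumes rngd's counters are cumulative since the daemon started (consistent with dapi2 logging the identical value 86 each hour from the same PID 251) and treats a change of PID as a restart that resets the baseline. The sample log is constructed to resemble the dapi2 lines above; the counter jump at 14:41 and the second daemon instance are invented to exercise those paths.

```shell
#!/bin/sh
# Added example (not part of rng-tools or the notes above): summarise rngd's
# hourly "stats:" syslog lines. Assumption: rngd's counters are cumulative since
# the daemon started, so the number worth alerting on is the change between two
# consecutive dumps from the same PID, not the raw value that repeats hourly.

# Constructed sample log, modelled on the dapi2 lines above; the counter jump at
# 14:41 and the second daemon instance (PID 310) are invented to exercise those
# paths.
SAMPLE_LOG='2019-12-05 12:41:27 dapi2 daemon.info rngd[251]: stats: bits received from HRNG source: 2,460,064
2019-12-05 12:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 12:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 13:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 13:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 86
2019-12-05 14:41:27 dapi2 daemon.info rngd[251]: stats: Lowest ready-buffers level: 0
2019-12-05 14:41:27 dapi2 daemon.info rngd[251]: stats: Entropy starvations: 90
2019-12-05 15:41:27 dapi2 daemon.info rngd[310]: stats: Lowest ready-buffers level: 2
2019-12-05 15:41:27 dapi2 daemon.info rngd[310]: stats: Entropy starvations: 2
2019-12-05 16:41:27 dapi2 daemon.info rngd[310]: stats: Lowest ready-buffers level: 2
2019-12-05 16:41:27 dapi2 daemon.info rngd[310]: stats: Entropy starvations: 2'

# Read a syslog stream on stdin; print one line per "Entropy starvations" dump
# with the increase since the previous dump of the same PID, then a window total.
# The first dump seen for a PID is a baseline: its count may predate the log
# window, so it is reported but not added to the total.
starvation_deltas() {
  awk '
    / rngd\[[0-9]+\]: stats: Entropy starvations: / {
      pid = $5; sub(/^rngd\[/, "", pid); sub(/\]:$/, "", pid)
      n = $NF; gsub(/,/, "", n)            # stats use thousands separators
      if (pid in last) { delta = n - last[pid]; total += delta }
      else             { delta = "baseline" }
      last[pid] = n
      printf "%s %s pid=%s total=%s new=%s\n", $1, $2, pid, n, delta
    }
    END { printf "window_total=%d\n", total + 0 }'
}

# Just the window total, for scripting (prints a bare integer).
window_starvations() {
  starvation_deltas | sed -n 's/^window_total=//p'
}

# How many dumps reported that the ready-buffer low-water mark hit zero, i.e. at
# some point since start rngd had no FIPS-approved buffer to hand the kernel.
buffer_exhaustion_count() {
  awk '/ stats: Lowest ready-buffers level: 0$/ { c++ } END { print c + 0 }'
}

# Demo over the constructed log; on a live system feed the real log instead,
# e.g. `cat /var/log/daemon.log | starvation_deltas`.
printf '%s\n' "$SAMPLE_LOG" | starvation_deltas
printf 'dumps with ready-buffers level 0: %s\n' "$(printf '%s\n' "$SAMPLE_LOG" | buffer_exhaustion_count)"
```

On the constructed log the window total is 4 (the 86 at the first dump is a baseline and the second instance's 2 is likewise not counted), which is the figure to watch over time; a Lowest level of 0 is a low-water mark that stays at 0 for the life of the daemon once hit, so it says that buffers ran out at least once, not that they are running out now.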
Additional Raspberry Pi discussion:

The hwrng is not set up to feed /dev/random unless you install rng-tools (and /dev/urandom is a pseudo-random number generator once the entropy pool is exhausted).

The Arch wiki article on rng-tools suggests testing that it is working with the command below: if the hwrng is set up it returns instantly, otherwise it takes a long time.

dd if=/dev/random of=/dev/null bs=1024 count=1 iflag=fullblock

I ran the test on a Zero running stretch-lite, one with rng-tools and one without:

with rng-tools:
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 0.0192011 s, 53.3 kB/s

without rng-tools:
1+0 records in
1+0 records out
1024 bytes (1.0 kB, 1.0 KiB) copied, 98.4036 s, 0.0 kB/s
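The 98-second run above shows why the probe needs an upper bound on a starved system: a plain dd on /dev/random blocks until the kernel has entropy to give. The function below is an added example, not from the Arch wiki or rng-tools; it wraps the same dd command in coreutils timeout so the result is "ok", "slow" or "error" rather than an indefinite hang. It assumes GNU coreutils dd (for iflag=fullblock) and timeout, i.e. a Linux userland.

```shell
#!/bin/sh
# Added example (not from the Arch wiki or rng-tools): the dd probe above, with
# a time limit so it reports "slow" instead of hanging on a starved /dev/random.
# Assumes GNU coreutils dd (iflag=fullblock) and timeout, i.e. a Linux userland.

# Usage: random_read_check DEVICE [LIMIT_SECONDS]
# Prints "ok" if 1 KiB was read within the limit, "slow" if the limit was hit
# (timeout exits 124), "error" for any other dd failure such as a missing device.
random_read_check() {
  dev=$1
  limit=${2:-5}
  rc=0
  timeout "$limit" dd if="$dev" of=/dev/null bs=1024 count=1 iflag=fullblock 2>/dev/null || rc=$?
  case $rc in
    0)   echo ok ;;
    124) echo slow ;;
    *)   echo error ;;
  esac
}

# Demo: /dev/urandom never blocks, so this prints "ok"; run it against
# /dev/random to see whether the hwrng is actually feeding the pool.
printf '/dev/urandom: %s\n' "$(random_read_check /dev/urandom 5)"
```

A limit of a few seconds separates the two cases cleanly: the rng-tools run above finished in 0.02 s, while the run without rngd took over a minute and a half, so anything that hits the limit is "slow" for this purpose. Reading from a FIFO with no writer reproduces the blocking case without touching the entropy pool, which is how the behaviour can be checked on any machine.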