Provided by: jitterentropy-rngd_1.0.8-3_amd64 bug

NAME

       jitterentropy-rngd - CPU Jitter Random Number Generator Daemon

SYNOPSIS

       jitterentropy-rngd [OPTION]

DESCRIPTION

       The  jitterentropy-rngd  application  provides  a source of good entropy by collecting CPU
       execution time jitter. The collected entropy is injected into the Linux kernel /dev/random
       device using the RNDADDENTROPY ioctl described in random(4).

       The  entropy in the CPU execution time jitter is magnified by the CPU Jitter Random Number
       Generator. The CPU Jitter Random Number Generator uses the CPU execution timing jitter  to
       generate  a  bit  stream  which  complies  with  different  statistical  measurements that
       determine the bit stream is random.

       The CPU Jitter Random Number Generator works equally well in virtualized  environments  as
       well  as  on  bare-metal  provided  a  high-resolution  timer  is  made available with the
       clock_gettime() function. The currently use timer can  be  checked  by  reading  the  file
       /sys/devices/system/clocksource/clocksource0/current_clocksource.   If  the  clock  source
       shall  be  changed,  one  of  the   available   clock   sources   listed   in   the   file
       /sys/devices/system/clocksource/clocksource0/available_clocksource can be written into the
       mentioned current_clocksource file and the kernel immediately changes the use clock.

       The CPU Jitter Random Number Generator unconditionally injects 256 bits  of  entropy  into
       the  Linux  kernel  during startup time before it daemonizes. Thus, when the invocation of
       the jitterentropy-rngd returns, the Linux kernel is seeded  with  at  least  256  bits  of
       entropy.  The  reader  should consider that the Linux kernel performs a schedule operation
       during  the  injection  of  data  which  implies  that  immediately  after  starting   the
       jitterentropy-rngd  the kernel may still complain about insufficient entropy available for
       /dev/urandom.

       The following options are supported when invoking jitterentropy-rngd:

       -v, --verbose
              enable a verbose  operation  of  the  daemon.  Using  this  option  multiple  times
              increases the verbosity. Using this option implies that the jitterentropy-rngd will
              not daemonize.

       -p, --pid [FILE]
              triggers the creation of a PID file at the given location.

       -h, --help
              displays the help text

       --version
              returns the version number of the jitterentropy-rngd.

NOTES

       The CPU Jitter random number generator MUST NOT be compiled with compiler optimizations. A
       pre-processor check enforces this requirement.

       The   random   bit   stream   generated  by  jitterentropy-rngd  is  NOT  processed  by  a
       cryptographically secure whitening function. Nonetheless, it is believed that  the  output
       can   be   used   as   a  source  for  cryptographically  secure  key  material  or  other
       cryptographically sensitive data.

SEE ALSO

       random(4) clock_gettime(2)

                                            2017-02-11                      JITTERENTROPY-RNGD(1)