.\" $NetBSD: rndctl.8,v 1.29 2021/04/06 22:02:40 riastradh Exp $
.\"
.\" Copyright (c) 1997 Michael Graff
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. The name of the author may not be used to endorse or promote products
.\"    derived from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
.\" BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
.\" AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd April 2, 2021
.Dt RNDCTL 8
.Os
.Sh NAME
.Nm rndctl
.Nd kernel entropy pool management tool
.Sh SYNOPSIS
.Nm
.Op Fl CcEe
.Op Fl d Ar devname | Fl t Ar devtype
.Nm
.Op Fl lsv
.Op Fl d Ar devname | Fl t Ar devtype
.Nm
.Op Fl i
.Fl L Ar save-file
.Nm
.Fl S Ar save-file
.Sh DESCRIPTION
The
.Nm
program displays statistics on the current state of the
.Xr rnd 4
device, and controls which sources are allowed to contribute to the
entropy pool maintained by
.Xr rnd 4 .
.Pp
The following options are available:
.Bl -tag -width 123456
.It Fl C
Disable collection of data for the given device name or device type.
.It Fl c
Enable collection of data for the given device name or device type.
.It Fl d
Only the device named
.Ar devname
is altered or displayed.
This is mutually exclusive with
.Fl t .
.It Fl E
Ignore estimates of entropy from the drivers for the given device name
or type.
.Pp
If collection is still enabled, data is still collected and mixed into
the internal entropy pool, but no entropy is assumed to be present and
data from the selected devices will not unblock
.Pa /dev/random .
.It Fl e
Accept estimates of entropy from the drivers for the given device name
or type.
.Pp
.Cm "rndctl -e"
does not change the estimate provided by the driver; if the driver's
estimate is zero, as it generally is for devices of types other than
.Ic rng ,
it remains zero after
.Cm "rndctl -e" .
.It Fl i
With the
.Fl L
option to load a seed from a file, ignore any estimate in the file of
the entropy of the seed.
This still loads the data into the kernel, but won't unblock
.Pa /dev/random
even if the file claims to have adequate entropy.
This is useful if the file is on a medium, such as an NFS share, that
the operator does not know to be secret.
.It Fl L
Load a seed from
.Ar save-file
generated by
.Cm "rndctl -S" .
Overwrite it with a seed derived by hashing it together with output
from
.Pa /dev/urandom
so that the new seed has at least as much entropy as either the old
seed had or the system already has.
If interrupted, either the old seed or the new seed will be in place.
.It Fl l
List all sources, or, if the
.Fl t
or
.Fl d
flags are given, only those selected by the specified
.Ar devtype
or
.Ar devname .
.It Fl S
Generate a seed from the system entropy pool and save it to
.Ar save-file
for later use with
.Cm "rndctl -L" .
.Pp
The file format is specific to
.Nm
and includes an estimate of the amount of saved entropy and a checksum.
The prior internal state of the system entropy pool cannot be recovered
from
.Ar save-file ,
so disclosure of
.Ar save-file
does not compromise past secrets drawn from
.Pa /dev/urandom
or equivalent.
.It Fl s
Display statistics on the current state of the entropy pool.
.It Fl t
All devices of type
.Ar devtype
are altered or displayed.
This is mutually exclusive with
.Fl d .
.Pp
The available types are:
.Bl -tag -width "diskx"
.It Ic disk
Physical hard drives.
.It Ic net
Network interfaces.
.It Ic tape
Tape devices.
.It Ic tty
Terminal, mouse, or other user input devices.
.It Ic rng
Hardware random number generators.
.El
.It Fl v
Verbose output.
.El
.Sh SEE ALSO
.Xr rnd 4 ,
.Xr entropy 7 ,
.Xr rnd 9
.Sh HISTORY
The
.Nm
program was first made available in
.Nx 1.3 .
.Sh AUTHORS
The
.Nm
program was written by
.An Michael Graff
.Aq explorer@flame.org .
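The description of the -L option above states two properties of the seed refresh: the new seed is a hash of the old seed together with fresh kernel randomness, so it carries at least as much entropy as either input, and an interruption leaves either the complete old seed or the complete new seed in place. The following Python script is an added illustration of that pattern and is not rndctl's own code; it does not reproduce the rndctl save-file format (which also carries an entropy estimate and a checksum). The 32-byte seed size, the use of SHA-256, the temporary-file prefix and the function names are assumptions made for the example.

```python
"""Illustration of the seed-refresh pattern described for rndctl -L:
derive a new seed by hashing the old seed with fresh randomness, then
replace the file atomically.  Not rndctl's code or file format."""
import hashlib
import os
import tempfile
from typing import Optional

SEED_LEN = 32  # assumed seed size for this illustration


def derive_seed(old_seed: bytes, fresh: bytes) -> bytes:
    """Mix the old seed with fresh randomness.

    Hashing the concatenation gives an output that is unpredictable to
    anyone who lacks either input, so the result is at least as strong as
    the stronger of the two (bounded by the hash output size).  SHA-256 is
    an assumption of this example, not what rndctl uses.
    """
    return hashlib.sha256(old_seed + fresh).digest()[:SEED_LEN]


def atomic_write(path: str, data: bytes) -> None:
    """Write data to a temporary file in the same directory, fsync it, then
    rename it over the target.

    rename(2) replaces the target atomically on POSIX filesystems, so a
    crash before the rename leaves the old file untouched and a crash after
    it leaves the new file complete; a partially written file is never
    installed.  mkstemp creates the temp file with mode 0600, so the seed
    is never world-readable, even briefly.
    """
    dirname = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=dirname, prefix=".seed.")  # assumed prefix
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())  # data must be durable before the rename
        os.replace(tmp, path)
    except BaseException:
        # Interrupted or failed: discard the partial temp file; the old
        # seed at `path` is still intact.
        try:
            os.unlink(tmp)
        except FileNotFoundError:
            pass
        raise


def refresh_seed(path: str, fresh: Optional[bytes] = None) -> bytes:
    """Read the old seed (empty if the file does not exist yet), derive a
    new one with fresh randomness, install it atomically and return it.

    `fresh` may be supplied by a test; otherwise it comes from os.urandom,
    the userland counterpart of reading /dev/urandom.
    """
    try:
        with open(path, "rb") as f:
            old = f.read()
    except FileNotFoundError:
        old = b""
    if fresh is None:
        fresh = os.urandom(SEED_LEN)
    new = derive_seed(old, fresh)
    atomic_write(path, new)
    return new


if __name__ == "__main__":
    # Constructed demo path; a real deployment would use a root-only file.
    with tempfile.TemporaryDirectory() as d:
        seed_path = os.path.join(d, "seed")
        first = refresh_seed(seed_path)
        second = refresh_seed(seed_path)
        print("seed refreshed:", first != second, "bytes:", len(second))
```

The write-failure path is exercised by handing `atomic_write` something that cannot be written: the exception propagates, the temporary file is removed, and the previously installed seed is unchanged, which is the "either the old seed or the new seed" guarantee the man page describes.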