random.4 (73872) | random.4 (74077) |
---|---|
1.\" Copyright (c) 2001 Mark R V Murray. All rights reserved. 2.\" 3.\" Redistribution and use in source and binary forms, with or without 4.\" modification, are permitted provided that the following conditions 5.\" are met: 6.\" 1. Redistributions of source code must retain the above copyright 7.\" notice, this list of conditions and the following disclaimer. 8.\" 2. Redistributions in binary form must reproduce the above copyright --- 7 unchanged lines hidden (view full) --- 16.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 17.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 18.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 19.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 20.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 21.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 22.\" SUCH DAMAGE. 23.\" | 1.\" Copyright (c) 2001 Mark R V Murray. All rights reserved. 2.\" 3.\" Redistribution and use in source and binary forms, with or without 4.\" modification, are permitted provided that the following conditions 5.\" are met: 6.\" 1. Redistributions of source code must retain the above copyright 7.\" notice, this list of conditions and the following disclaimer. 8.\" 2. Redistributions in binary form must reproduce the above copyright --- 7 unchanged lines hidden (view full) --- 16.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 17.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 18.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 19.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 20.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 21.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 22.\" SUCH DAMAGE. 23.\" |
24.\" $FreeBSD: head/share/man/man4/random.4 73872 2001-03-06 10:08:36Z markm $ | 24.\" $FreeBSD: head/share/man/man4/random.4 74077 2001-03-10 16:08:04Z markm $ |
25.\" 26.Dd February 10, 2001 27.Dt RANDOM 4 28.Os 29.Sh NAME 30.Nm random 31.Nd the entropy device 32.Sh DESCRIPTION --- 23 unchanged lines hidden (view full) --- 56To see the devices' current settings, use the command line: 57.Pp 58.Dl sysctl kern.random 59.Pp 60which results in something like: 61.Pp 62.Bd -literal -offset indent 63kern.random.sys.seeded: 1 | 25.\" 26.Dd February 10, 2001 27.Dt RANDOM 4 28.Os 29.Sh NAME 30.Nm random 31.Nd the entropy device 32.Sh DESCRIPTION --- 23 unchanged lines hidden (view full) --- 56To see the devices' current settings, use the command line: 57.Pp 58.Dl sysctl kern.random 59.Pp 60which results in something like: 61.Pp 62.Bd -literal -offset indent 63kern.random.sys.seeded: 1 |
64kern.random.sys.harvest_ethernet: 0 65kern.random.sys.harvest_point_to_point: 0 66kern.random.sys.harvest_interrupt: 0 | 64kern.random.sys.burst: 20 65kern.random.sys.harvest.ethernet: 0 66kern.random.sys.harvest.point_to_point: 0 67kern.random.sys.harvest.interrupt: 0 |
67kern.random.yarrow.gengateinterval: 10 68kern.random.yarrow.bins: 10 69kern.random.yarrow.fastthresh: 100 70kern.random.yarrow.slowthresh: 160 71kern.random.yarrow.slowoverthresh: 2 72.Ed 73.Pp 74All settings are read/write. --- 5 unchanged lines hidden (view full) --- 80device is in an acceptably secure state 81as a result of reseeding. 82If set to 0, the device will block (on read) until the next reseed 83(which can be from an explicit write, 84or as a result of entropy harvesting). 85A reseed will set the value to 1 (non-blocking). 86.Pp 87The | 68kern.random.yarrow.gengateinterval: 10 69kern.random.yarrow.bins: 10 70kern.random.yarrow.fastthresh: 100 71kern.random.yarrow.slowthresh: 160 72kern.random.yarrow.slowoverthresh: 2 73.Ed 74.Pp 75All settings are read/write. --- 5 unchanged lines hidden (view full) --- 81device is in an acceptably secure state 82as a result of reseeding. 83If set to 0, the device will block (on read) until the next reseed 84(which can be from an explicit write, 85or as a result of entropy harvesting). 86A reseed will set the value to 1 (non-blocking). 87.Pp 88The |
88.Va kern.random.sys.harvest_ethernet | 89.Va kern.random.sys.burst 90variable instructs the kernel thread 91that processes the harvest queue 92to 93.Xr tsleep 9 94briefly after that many events 95have been processed. 96This helps prevent the random device 97from being so compute-bound 98that it takes over all processing ability. 99A value of zero (0) is treated as 100.Em infinity , 101and will only allow the kernel to pause 102if the queue is empty. 103Only values in the range [0..20] are accepted. 104.Pp 105The 106.Va kern.random.sys.harvest.ethernet |
89variable is used to select LAN traffic as an entropy source. 90A zero (0) value means that LAN traffic 91is not considered as an entropy source. 92Set the variable to one (1) 93if you wish to use LAN traffic for entropy harvesting. 94.Pp 95The | 107variable is used to select LAN traffic as an entropy source. 108A zero (0) value means that LAN traffic 109is not considered as an entropy source. 110Set the variable to one (1) 111if you wish to use LAN traffic for entropy harvesting. 112.Pp 113The |
96.Va kern.random.sys.harvest_point_to_point | 114.Va kern.random.sys.harvest.point_to_point |
97variable is used to select serial line traffic as an entropy source. 98(Serial line traffic includes PPP, SLIP and all tun0 traffic.) 99A zero (0) value means such traffic 100is not considered as an entropy source. 101Set the variable to one (1) 102if you wish to use it for entropy harvesting. 103.Pp 104The | 115variable is used to select serial line traffic as an entropy source. 116(Serial line traffic includes PPP, SLIP and all tun0 traffic.) 117A zero (0) value means such traffic 118is not considered as an entropy source. 119Set the variable to one (1) 120if you wish to use it for entropy harvesting. 121.Pp 122The |
105.Va kern.random.sys.harvest_interrupt | 123.Va kern.random.sys.harvest.interrupt |
106variable is used to select hardware interrupts 107as an entropy source. 108A zero (0) value means interrupts 109are not considered as an entropy source. 110Set the variable to one (1) 111if you wish to use them for entropy harvesting. 112All interrupt harvesting is setup by the 113individual device drivers. 114.Pp 115The other variables are explained in the paper describing the 116.Em Yarrow 117algorithm at 118.Pa http://www.counterpane.com/yarrow.html . | 124variable is used to select hardware interrupts 125as an entropy source. 126A zero (0) value means interrupts 127are not considered as an entropy source. 128Set the variable to one (1) 129if you wish to use them for entropy harvesting. 130All interrupt harvesting is setup by the 131individual device drivers. 132.Pp 133The other variables are explained in the paper describing the 134.Em Yarrow 135algorithm at 136.Pa http://www.counterpane.com/yarrow.html . |
137.Pp 138These variables are all limited 139in terms of the values they may contain: 140.Bl -tag -width "kern.random.yarrow.gengateinterval" -compact -offset indent 141.It Va kern.random.yarrow.gengateinterval 142[4..64] 143.It Va kern.random.yarrow.bins 144[2..16] 145.It Va kern.random.yarrow.fastthresh 146[64..256] 147.It Va kern.random.yarrow.slowthresh 148[64..256] 149.It Va kern.random.yarrow.slowoverthresh 150[1..5] 151.El 152.Pp 153Internal 154.Xr sysctl 9 155handlers force the above variables 156into the stated ranges. |
|
119.Sh FILES 120.Bl -tag -width /dev/random 121.It Pa /dev/random 122.El 123.Sh SEE ALSO 124.Xr sysctl 8 125.Sh HISTORY 126A --- 13 unchanged lines hidden --- | 157.Sh FILES 158.Bl -tag -width /dev/random 159.It Pa /dev/random 160.El 161.Sh SEE ALSO 162.Xr sysctl 8 163.Sh HISTORY 164A --- 13 unchanged lines hidden --- |