1.Dd September 6, 2001 2.Dt RANDOM 4 3.Os Darwin 4.Sh NAME 5.Nm random 6, 7.Nm urandom 8.Nd random data source devices. 9.Sh SYNOPSIS 10.Cd "pseudo-device random" 11.Sh DESCRIPTION 12The 13.Nm 14device produces uniformly distributed random byte values 15of potentially high quality. 16.Pp 17To obtain random bytes, open 18.Nm /dev/random 19for reading and read from it. 20.Pp 21To add entropy to the random generation system, open 22.Nm /dev/random 23for writing and write data that you believe to be somehow random. 24.Pp 25.Nm /dev/urandom 26is a compatibility nod to Linux. On Linux, 27.Nm /dev/urandom 28will produce lower quality output if the entropy pool drains, while 29.Nm /dev/random 30will prefer to block and wait for additional entropy to be collected. 31With Yarrow, this choice and distinction is not necessary, and 32the two devices behave identically. You may use either. 33.Sh OPERATION 34The 35.Nm 36device implements the 37.Nm Yarrow 38pseudo random number generator algorithm and maintains its entropy pool. 39Additional entropy is fed to the generator regularly by the 40.Nm SecurityServer 41daemon from random jitter measurements of the kernel. 42.Nm SecurityServer 43is also responsible for periodically saving some entropy to disk 44and reloading it during startup to provide entropy in early system 45operation. 46.Pp 47You may feed additional entropy to the generator by writing it to the 48.Nm 49device, though this is not required in a normal operating environment. 50.Sh LIMITATIONS AND WARNINGS 51.Nm Yarrow 52is a fairly resilient algorithm, and is believed 53to be resistant to non-root. 54The quality of its output is however dependent on regular addition 55of appropriate entropy. If the 56.Nm SecurityServer 57system daemon fails for any reason, output quality will suffer 58over time without any explicit indication from the 59.Nm 60device itself. 61.Pp 62Paranoid programmers can counteract this risk somewhat by collecting 63entropy of their choice (e.g. from keystroke or mouse timings) 64and seeding it into 65.Nm 66directly before obtaining important random numbers. 67.Sh FILES 68.Bl -tag -width /dev/urandom -compact 69.It Pa /dev/random 70.It Pa /dev/urandom 71.El 72.Sh HISTORY 73A 74.Nm 75device appeared in the Linux operating system. 76