RnGatherD

Random number gathering daemon.

While running the daemon creates a pseudo device /dev/hwrandom which can be used as input device for rngd. The daemon supports reading from a local device or loads the random data from a RandPi entropy server. If reading from the server the daemon decrypts the random data and checks the signature. You have to use the same secret and salt on the server and the client.

Installation

You can install the daemon via pip: pip3 install rngatherd

You can also checkout this repository and run python3 setup.py install.

Both methods install the script rngatherdaemon.py as a system wide executable and create a init script: /etc/init.d/rngatherd.

Configuration

Running sudo rngatherdaemon.py config creates a basic configuration in /etc/rngatherd.conf. You probably need to change the secret and salt in the [RandPi] section to match the server. The encryption key is derived from these so the settings on server and all clients have to match.

If settings are missing default values are used. There has to be a [Hwrng] or a [RandPi] section to activate at least one random source.

The daemon logs to /var/vog/rngatherd.log. The log level can be specified in the settings by choosing one of ERROR, WARN or INFO.

Usage

Just read from /dev/hwrandom.

You can test the daemon with cat /dev/hwrandom. This should produce a lot of weird looking output because most of the random bytes are not printable.