Rechercher une page de manuel
haveged
Langue: en
Version: 364255 (ubuntu - 25/10/10)
Section: 8 (Commandes administrateur)
NAME
haveged - Feed kernel random deviceSYNOPSIS
haveged [options]DESCRIPTION
The hardware events that are the ultimate source of any random number sequence are pooled by the /dev/random device for later distribution via the device interface. The standard mechanism for harvesting randomness for the pool may not be sufficient to meet demand, especially on those systems with high needs or limited user interaction.The HAVEGE (HArdware Volatile Entropy Gathering and Expansion) algorithum harvests the indirect effects of hardware events on processor state (caches, branch predictors, memory translation tables, etc) rather than attempting to extract randomness from individual events. The effects of interrupt service on processor state are visible from userland as timing variations in program execution speed. Using code designed to mostly fill the instruction cache, a data area occupying a large portion of the processors data cache, and with the processor time stamp counter as the data input, it is possible to construct a calculation that will reliably generate a random sequence even on an "idle" system.
Haveged is a daemon that uses HAVEGE to maintain a 1M pool of random bytes used to fill /dev/random whenever the supply of random bits in dev/random falls below the low water mark of the device. The principle inputs to havaged are the sizes of the processor instruction and data caches used to setup the HAVEGE collector. The haveged default is a 4kb data cache and a 16kb instruction cache. On machines with a cpuid instruction, haveged will attempt to select appropriate values from internal tables.
Although CISC architectures appear insensitive to tuning parameters, there is no guarantee that manual tuning of daemon may not be required under some circumstances. The output of the HAVEGE random number generator should be verified on every installation before the daemon is put into production.
OPTIONS
- -d nnn, --data=nnn
- Set data cache size to nnn KB. Default is 16 or as determined by cpuid.
- -f file, --file=file
- Set sample output file path - default is "sample"
- -i nnn, --inst=nnn
- Set instruction cache size to nnn KB. Default is 16 or as determined by cpuid.
- -r n, --run=n
- Set run level 0=daemon,1=config info,>1=Write <r>KB sample file
- -v n, --verbose=n
- Set output level 0=minimal,1=config/fill items
- -w nnn, --write=nnn
- Set write_wakeup_threshold to nnn bits
- -?, --help
- This summary of program options.
DIAGNOSTICS
The following diagnostics may be issued to stderr upon termination:Cannot fork into the background
- Call to daemon(3) failed.
- Could not open sample file <s> for writing.
- Could not write data to the sample file.
- Unable to read /proc/sys/kernel/random/poolsize
- Invalid data or instruction cache size.
- Could not open /dev/random for read-write.
- Call to ioctl(2) failed.
- Error writing /var/run/haveged.pid
- Unable to write to /proc/sys/kernel/random/write_wakeup_threshold
- Call to ioctl(2) to add entropy failed
- Call to select(2) failed.
AUTHOR
Gary Wuertz <gary@issiweb.com>SEE ALSO
http://www.issihosts/haveged/Contenus ©2006-2024 Benjamin Poulain
Design ©2006-2024 Maxime Vantorre