NAME
rndctl — 
in-kernel random number
  generator management tool
SYNOPSIS
  
    
    
  
  
    | rndctl | [-CcEe]
      [-d devname |
      -t devtype] | 
  
    
    
  
  
    | rndctl | [-lsv]
      [-d devname |
      -t devtype] | 
DESCRIPTION
The 
rndctl program displays statistics on the current state of
  the 
rnd(4) pseudo-driver, and
  allows the administrator to control which sources are allowed to contribute to
  the randomness pool maintained by
  
rnd(4), as well as whether a given
  source counts as strongly random.
The following options are available:
  -  
-  
- -C
- Disable collection of timing information for the given
      device name or device type.
-  
-  
- -c
- Enable collection of timing information for the given
      device name or device type.
-  
-  
- -d
- Only the device named devname is
      altered or displayed. This is mutually exclusive with
      -t.
-  
-  
- -E
- Disable entropy estimation from the collected timing
      information for the given device name or device type. If collection is
      still enabled, timing information is still collected and mixed into the
      internal entropy pool, but no entropy is assumed to be present.
-  
-  
- -e
- Enable entropy estimation using the collected timing
      information for the given device name or device type.
-  
-  
- -L
- Load saved entropy from file
      save-file, which will be overwritten and deleted
      before the entropy is loaded into the kernel.
-  
-  
- -l
- List all sources, or, if the -t or
      -d flags are specified, only those specified by the
      devtype or devname
    specified.
-  
-  
- -S
- Save entropy pool to file save-file.
      The file format is specific to rndctl and includes an
      estimate of the amount of saved entropy and a checksum.
-  
-  
- -s
- Display statistics on the current state of the random
      collection pool.
-  
-  
- -t
- All devices of type devtype are
      altered or displayed. This is mutually exclusive with
      -d.
    
    The available types are:
    
      -  
-  
- disk
- Physical hard drives.
-  
-  
- net
- Network interfaces.
-  
-  
- tape
- Tape devices.
-  
-  
- tty
- Terminal, mouse, or other user input devices.
-  
-  
- rng
- Random number generators.
 
-  
-  
- -v
- Verbose output: show entropy estimation statistics for each
      source.
FILES
  - /dev/random
- Returns “good” values only.
- /dev/urandom
- Always returns data, degenerates to a pseudo-random
      generator.
SEE ALSO
rnd(4),
  
rnd(9)
HISTORY
The 
rndctl program was first made available in
  
NetBSD 1.3.
AUTHORS
The 
rndctl program was written by 
Michael
  Graff ⟨explorer@flame.org⟩.
BUGS
Turning on entropy estimation from unsafe or predictable sources will weaken
  system security, while turning on entropy collection from such sources may
  weaken system security.
Care should be taken when using this command.