The content of this topic has been archived on 29 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
i was searching a way to use interfaces as random number generators,
but could not find a compiled version of rngd for open wrt.
for example : http://bredsaal.dk/generating-entropy-w … twork-card
i allredy tried kmod-crypto-rng but found no documentation to this package,
does someone know anything about that?
(Last edited by morn on 6 Jul 2011, 12:29)
So i will try to compile a version for open wrt. I have downloaded trunk via svn.
Is there anthing i have to know about that? which is not mentioned in wiki?
I have a lot of /dev/random "users" on my two dir-825. They have an entropy of 28 to 33 thats bad for my needs.
Its a well known problem and generating random by interfaces on a router sounds good, doesn`t it.
When i get it work i would like to put it in ipkg format, isn`t right?
Is there anyone interestet in that feature of great entropy?
I could provide it, if u want (developer).
Greeting, Morn.
i was searching a way to use interfaces as random number generators,
but could not find a compiled version of rngd for open wrt.
I got interested about rngd due to these tickets:
https://dev.openwrt.org/ticket/9631
https://dev.openwrt.org/ticket/9999
And I managed to compile the rngd daemon for Openwrt. It works at least in my ar71xx based WNDR3700.
------------------
I searched a bit in the net about possible tools to add entropy.
One such tool is rngd daemon included in the rng-tools package from http://sourceforge.net/projects/gkernel/ . Manual: http://linux.die.net/man/8/rngd
The tool can be used to add entropy to the kernel's entropy pool either from some genuine hardware-based entropy source, or as a quick&dirty patch also from /dev/urandom. Using urandom isn't a perfect solution, but it will satisfy those applications looking for input from /dev/random.
As far as I found out, nobody had compiled the rngd package for Openwrt, so far. So, I made a try out of it, and succeeded both for Backfire and trunk.
I defined a package that downloads the sources from SF. (This is my first package definition, so the dependencies and conventions might not be quite correct, but the package seems to work.)
Hopefully somebody can figure out a way to connect some real entropy source in ar71xxx devices through this daemon.
Index: /Openwrt/backfire/feeds/packages/utils/rng-tools/Makefile
===================================================================
--- /Openwrt/backfire/feeds/packages/utils/rng-tools/Makefile (revision 0)
+++ /Openwrt/backfire/feeds/packages/utils/rng-tools/Makefile (revision 0)
@@ -0,0 +1,35 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=rng-tools
+PKG_VERSION:=3
+PKG_RELEASE:=1
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://downloads.sourceforge.net/project/gkernel/rng-tools/3/
+PKG_MD5SUM:=fa305916ec101c85c0065aeceb81a38d
+
+PKG_FIXUP:=libtool
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/rng-tools
+ SECTION:=utils
+ CATEGORY:=Utilities
+ DEPENDS:=+USE_UCLIBC:argp-standalone
+ TITLE:=Daemon for adding entropy to kernel entropy pool
+ URL:=http://sourceforge.net/projects/gkernel/
+endef
+
+ifdef CONFIG_USE_UCLIBC
+CONFIGURE_VARS += \
+ LIBS="-largp"
+endif
+
+define Package/rng-tools/install
+ $(INSTALL_DIR) $(1)/usr/bin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/rngtest $(1)/usr/bin/
+ $(INSTALL_DIR) $(1)/sbin
+ $(INSTALL_BIN) $(PKG_BUILD_DIR)/rngd $(1)/sbin/
+endef
+
+$(eval $(call BuildPackage,rng-tools))Output of test run in Backfire:
BusyBox v1.15.3 (2011-09-07 23:41:00 EEST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
Backfire (10.03.1-RC6, r28191) --------------------
* 1/3 shot Kahlua In a shot glass, layer Kahlua
* 1/3 shot Bailey's on the bottom, then Bailey's,
* 1/3 shot Vodka then Vodka.
---------------------------------------------------
root@OpenWrt:~# ls -l /sbin/rngd
-rwxr-xr-x 1 root root 40000 Sep 7 23:44 /sbin/rngd
root@OpenWrt:~# ls -l /usr/bin/rngtest
-rwxr-xr-x 1 root root 43236 Sep 7 23:44 /usr/bin/rngtest
root@OpenWrt:~# cd /etc/config
root@OpenWrt:/etc/config# ./query_random_avail.sh
Thu Sep 8 00:08:05 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:10 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:15 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:20 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:25 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:30 EEST 2011 entropy_avail is 44
Thu Sep 8 00:08:35 EEST 2011 entropy_avail is 44
^C
root@OpenWrt:/etc/config# rngd -r /dev/urandom -W 4096 -t 30
root@OpenWrt:/etc/config# ./query_random_avail.sh
Thu Sep 8 00:08:46 EEST 2011 entropy_avail is 3712
Thu Sep 8 00:08:51 EEST 2011 entropy_avail is 3328
Thu Sep 8 00:08:56 EEST 2011 entropy_avail is 2944
Thu Sep 8 00:09:01 EEST 2011 entropy_avail is 2560
Thu Sep 8 00:09:06 EEST 2011 entropy_avail is 2176
Thu Sep 8 00:09:11 EEST 2011 entropy_avail is 1792
Thu Sep 8 00:09:16 EEST 2011 entropy_avail is 3840
Thu Sep 8 00:09:21 EEST 2011 entropy_avail is 3456
Thu Sep 8 00:09:26 EEST 2011 entropy_avail is 2688
Thu Sep 8 00:09:31 EEST 2011 entropy_avail is 2304
Thu Sep 8 00:09:36 EEST 2011 entropy_avail is 1920
Thu Sep 8 00:09:41 EEST 2011 entropy_avail is 1536
Thu Sep 8 00:09:46 EEST 2011 entropy_avail is 3840
Thu Sep 8 00:09:51 EEST 2011 entropy_avail is 3456So, using the daemon clearly increases the apparent entropy pool, although that randomness is merely sourced from /dev/urandom.
The script used for reading the available bits every 5 seconds:
#!/bin/ash
while (true)
do
echo `date` entropy_avail is `cat /proc/sys/kernel/random/entropy_avail`
sleep 5
doneThe discussion might have continued from here.