9.6. Random Number Generator (RNG) Device
virtio-rng is a virtual RNG (random number generator) device that feeds RNG data to the guest virtual machine's operating system, thereby providing fresh entropy for guest virtual machines on request.
When virtio-rng is enabled on a Linux guest virtual machine, a chardev is created in the guest virtual machine at the location /dev/hwrng. This chardev can then be opened and read to fetch entropy from the host physical machine. In order for guest virtual machines' applications to benefit from using randomness from the virtio-rng device transparently, the input from /dev/hwrng must be relayed to the kernel entropy pool in the guest virtual machine. This can be accomplished if the information in this location is coupled with the rngd daemon (contained within the rng-tools).
The rngd daemon then routes the entropy to the guest virtual machine's /dev/random file. The process is done manually in Red Hat Enterprise Linux 6 guest virtual machines.
# rngd -b -r /dev/hwrng -o /dev/random
See the man rngd command for an explanation of the command options shown here. For further examples, refer to Procedure 9.11, “Implementing virtio-rng with the command line tools” for configuring the virtio-rng device.
Windows guest virtual machines require the driver viorng to be installed. Once installed, the virtual RNG device will work using the CNG (crypto next generation) API provided by Microsoft. Once the driver is installed, the virtrng device appears in the list of RNG providers.
Procedure 9.11. Implementing virtio-rng with the command line tools
- Shut down the guest virtual machine.
- In a terminal window, using the virsh edit domain-name command, open the XML file for the desired guest virtual machine.
- Edit the <devices> element to include the following:
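  ...
  <devices>
    <!-- virtio-rng device fed from the host's /dev/random, rate limited -->
    <rng model='virtio'>
      <rate period="2000" bytes="1234"/>
      <backend model='random'>/dev/random</backend>
    </rng>
    <!-- alternative: virtio-rng device fed from an EGD source over UDP -->
    <rng model='virtio'>
      <backend model='egd' type='udp'>
        <source mode='bind' service='1234'/>
        <source mode='connect' host='192.0.2.1' service='1234'/>
      </backend>
    </rng>
  </devices>
  ...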
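To review what a guest's RNG devices actually draw from after this procedure, the following added example (not part of the original documentation) audits the `<rng>` elements of a domain definition such as the output of `virsh dumpxml`. The function name `audit_rng_devices` and the sample domain are constructed for illustration; it assumes libvirt's `<rate>` semantics of at most `bytes` bytes per `period` milliseconds, with `period` defaulting to 1000.

```python
import xml.etree.ElementTree as ET

# Constructed sample: trimmed `virsh dumpxml` output for a hypothetical guest.
SAMPLE_DOMAIN_XML = """<domain type='kvm'>
  <devices>
    <rng model='virtio'>
      <rate period="2000" bytes="1234"/>
      <backend model='random'>/dev/random</backend>
    </rng>
    <rng model='virtio'>
      <backend model='egd' type='udp'>
        <source mode='bind' service='1234'/>
        <source mode='connect' host='192.0.2.1' service='1234'/>
      </backend>
    </rng>
  </devices>
</domain>"""

def audit_rng_devices(domain_xml):
    """Return one finding dict per <rng> device in a libvirt domain definition."""
    root = ET.fromstring(domain_xml)  # raises ET.ParseError on malformed XML
    findings = []
    for rng in root.iter("rng"):
        backend, rate = rng.find("backend"), rng.find("rate")
        kind = backend.get("model") if backend is not None else None
        entry = {"model": rng.get("model"), "backend": kind, "source": "",
                 "bytes_per_sec": None, "warnings": []}
        if kind == "random":
            entry["source"] = (backend.text or "").strip()  # host device path
        elif kind == "egd":
            for src in backend.findall("source"):
                if src.get("mode") == "connect":
                    entry["source"] = "%s:%s" % (src.get("host"), src.get("service"))
            entry["warnings"].append("egd backend: entropy is fetched over the network")
        if rate is None:
            entry["warnings"].append("no <rate>: guest reads are not throttled")
        else:
            # <rate>: at most `bytes` bytes per `period` ms (default period: 1000)
            period_ms = int(rate.get("period", "1000"))
            entry["bytes_per_sec"] = int(rate.get("bytes")) * 1000.0 / period_ms
        findings.append(entry)
    return findings

if __name__ == "__main__":
    for finding in audit_rng_devices(SAMPLE_DOMAIN_XML):
        print(finding)
```

A definition whose `<backend>` and `<source>` tags are not properly nested and closed is rejected with `ET.ParseError` rather than being silently reported as configured.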