Rule ID
SV-282626r1200858_rule
Version
V1R1
CCIs
The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. The "rngd" service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).
Verify TOSS 5 enabled the hardware random number generator entropy gatherer service using the following command: Note: For TOSS 5 systems running with kernel FIPS mode enabled as specified by TOSS-05-000470, this requirement is not applicable. $ systemctl is-active rngd active If the "rngd" service is not active, this is a finding.
Install the "rng-tools" package using the following command: $ sudo dnf install rng-tools Enable the "rngd" service using the following command: $ sudo systemctl enable --now rngd