← Back to Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide

V-253117

CAT III (Low)

TOSS must have the packages required to use the hardware random number generator entropy gatherer service.

Rule ID

SV-253117r991589_rule

STIG

Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide

Version

V2R5

CCIs

CCI-000366

Discussion

The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (non-predictable) random number generation is important for several security functions (i.e., ciphers).

Check Content

Check that TOSS has the packages required to enable the hardware random number generator entropy gatherer service with the following command:

$ sudo yum list installed rng-tools

rng-tools.x86_64                       6.13-1.git.d207e0b6.el8                        @anaconda

If the "rng-tools" package is not installed, this is a finding.

Fix Text

Install the packages required to enable the hardware random number generator entropy gatherer service with the following command:

$ sudo yum install rng-tools