getrandom - Linux


Overview

The getrandom command is a secure source of random data on Linux, designed to replace traditional methods like /dev/random and /dev/urandom. It provides high-quality randomness suitable for various applications, including cryptography, unpredictable decisions, or random testing.

Syntax

getrandom [OPTION]... [BYTES...] [FILE]

Options/Flags

| Option | Description | Default |
|---|---|---|
| -a | Algorithm to use (e.g., urandom, aes-256) | urandom |
| -b | Print in binary (bytes) | No |
| -f | Fill a file with BYTES of random data | No |
| -i | Infinite output (write indefinitely to FILE) | No |
| -o | Output to FILE (must be specified with -f or -i) | – |
| -p | Memory-based entropy pool (finer-grained than -s) | No |
| -q | Quiet mode (no verbose output) | No |
| -s | System entropy pool (rather than memory-based pool) | Yes |
| -t | Capture timestamp information | No |
| -u | Unit of BYTES: "k" (1KiB), "m" (1MiB), "g" (1GiB) | – |
| -v | Verbose output (print algorithm, entropy availability, etc.) | No |

Examples

Generate 1 KiB of random data and print it in binary:

getrandom -b 1k

Fill a file with 10 MiB of random data (requires -f and -o):

getrandom -f -o filename.bin 10m

Generate infinite random data and write it to a file:

getrandom -i -o /dev/null

Capture timestamp information along with random data:

getrandom -t

Common Issues

  • Low entropy: If your system has low entropy, getrandom may block or produce biased results. Use -p to select the memory-based entropy pool, or increase system entropy with input from a hardware device such as a mouse or keyboard.

  • Insufficient permissions: You need root privileges to use getrandom, as it accesses secure system resources.
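The blocking behaviour noted under "Low entropy" can be handled explicitly in code. The following is an added example, not part of the original page: it assumes the Linux getrandom(2) system call as exposed by glibc in <sys/random.h> rather than the command-line options listed above, and the helper names fill_random and random_hex_token are hypothetical. It retries on EINTR, continues after short reads, and uses GRND_NONBLOCK so the caller gets an error instead of waiting when the kernel pool is not yet initialized.

```c
/* Added example: Linux getrandom(2) via glibc (<sys/random.h>).
 * Helper names are hypothetical and chosen for this illustration. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/random.h>
#include <sys/types.h>

/* Fill buf with len random bytes.
 * flags = 0: may block until the kernel pool is initialized.
 * flags = GRND_NONBLOCK: fails with EAGAIN instead of blocking.
 * Returns 0 on success, -1 on error with errno set. */
int fill_random(void *buf, size_t len, unsigned int flags)
{
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = getrandom(p, len, flags);
        if (n < 0) {
            if (errno == EINTR)
                continue;        /* interrupted by a signal: retry */
            return -1;           /* EAGAIN, ENOSYS, ...: report to caller */
        }
        p += n;                  /* short read: request the remainder */
        len -= (size_t)n;
    }
    return 0;
}

/* Write a hex token built from nbytes random bytes into out,
 * which must hold at least 2 * nbytes + 1 characters. */
int random_hex_token(char *out, size_t nbytes)
{
    unsigned char raw[64];
    out[0] = '\0';
    if (nbytes > sizeof raw) { errno = EINVAL; return -1; }
    if (fill_random(raw, nbytes, GRND_NONBLOCK) != 0)
        return -1;               /* never fall back to a weaker source */
    for (size_t i = 0; i < nbytes; i++)
        sprintf(out + 2 * i, "%02x", raw[i]);
    return 0;
}

int main(void)
{
    char token[2 * 16 + 1];
    if (random_hex_token(token, 16) != 0) { perror("getrandom"); return 1; }
    printf("%s (%zu hex chars)\n", token, strlen(token));
    return 0;
}
```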

Integration

getrandom can be integrated with other tools for various purposes:

  • OpenSSL: Use getrandom as a source of entropy for OpenSSL operations.
  • Scripts: Use getrandom to generate random passwords, tokens, or other sensitive data.
  • RNGD: Use getrandom as an additional entropy source for RNGD, the Linux random number generator daemon.

Related Commands

  • rngd: The Linux random number generator daemon.
  • /dev/random: A traditional source of random data.
  • /dev/urandom: A non-blocking source of random data.