getrandom - Linux
Overview
The getrandom command is a secure source of random data on Linux, designed to replace traditional methods like /dev/random
and /dev/urandom
. It provides high-quality randomness suitable for various applications, including cryptography, unpredictable decisions, or random testing.
Syntax
getrandom [OPTION]... [BYTES...] [FILE]
Options/Flags
| Option | Description | Default |
|—|—|—|
| -a
| Algorithm to use (e.g., urandom, aes-256) | urandom
|
| -b
| Print in binary (bytes) | No |
| -f
| Fill a file with BYTES of random data | No |
| -i
| Infinite output (write indefinitely to FILE) | No |
| -o
| Output to FILE (must be specified with -f
or -i
) | – |
| -p
| Memory-based entropy pool (finer-grained than -s
) | No |
| -q
| Quiet mode (no verbose output) | No |
| -s
| System entropy pool (rather than memory-based pool) | Yes |
| -t
| Capture timestamp information | No |
| -u
| Unit of BYTES: "k" (1KiB), "m" (1MiB), "g" (1GiB) | – |
| -v
| Verbose output (print algorithm, entropy availability, etc.) | No |
Examples
Generate 1 KiB of random data and print it in binary:
getrandom -b 1k
Fill a file with 10 MiB of random data (requires -f
and -o
):
getrandom -f -o filename.bin 10m
Generate infinite random data and write it to a file:
getrandom -i -o /dev/null
Capture timestamp information along with random data:
getrandom -t
Common Issues
-
Low entropy: If your system has low entropy, getrandom may block or produce biased results. Use
-p
to use the memory-based entropy pool, or increase system entropy by using a random hardware device like a mouse or keyboard. -
Insufficient permissions: You need root privileges to use getrandom, as it accesses secure system resources.
Integration
getrandom can be integrated with other tools for various purposes:
- OpenSSL: Use
getrandom
as a source of entropy for OpenSSL operations. - Scripts: Use
getrandom
to generate random passwords, tokens, or other sensitive data. - RNGD: Use
getrandom
as an additional entropy source for RNGD, the Linux random number generator daemon.
Related Commands
rngd
: The Linux random number generator daemon./dev/random
: A traditional source of random data./dev/urandom
: A non-blocking source of random data.