UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

RHEL 9 must enable the hardware random number generator entropy gatherer service.


Overview

Finding ID Version Rule ID IA Controls Severity
V-257782 RHEL-09-211035 SV-257782r991589_rule Low
Description
The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).
STIG Date
Red Hat Enterprise Linux 9 Security Technical Implementation Guide 2024-06-04

Details

Check Text ( C-61523r942960_chk )
Note: For RHEL 9 systems running with kernel FIPS mode enabled as specified by RHEL-09-671010, this requirement is Not Applicable.

Verify that RHEL 9 has enabled the hardware random number generator entropy gatherer service with the following command:

$ systemctl is-active rngd

active

If the "rngd" service is not active, this is a finding.
Fix Text (F-61447r925332_fix)
Install the rng-tools package with the following command:

$ sudo dnf install rng-tools

Then enable the rngd service run the following command:

$ sudo systemctl enable --now rngd