RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems.

The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).

Solution

Install the rng-tools package with the following command:

$ sudo dnf install rng-tools

Then enable the rngd service run the following command:

$ sudo systemctl enable --now rngd

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_RHEL_9_V1R2_STIG.zip

Item Details

References: CAT|III, CCI|CCI-000366, Rule-ID|SV-257782r942961_rule, STIG-ID|RHEL-09-211035, Vuln-ID|V-257782

Plugin: Unix

Control ID: 686ef64ba3fe46e2ae68803b321baf72c4995bed73d75fdb1238a5ded61c8a0d