The document details the process of creating entropy using the Intel rdrand instruction set built into certain Intel CPUs.

Entropy is the randomness of the data that is used when an application or operating system uses cryptography. An example would be SSL connections to your web server.

Verify CPU Supports the rdrand Instruction

In this section we will verify that the CPU supports the rdrand instruction.

Step 1 – First cat the /proc/cpuinfo to verify that the CPU supports the rdrand instruction.

The result should be 0 if your CPU supports the rdrand instruction.

Check Current Entropy Value

In this section we will verify the current entropy value.

Step 1 – Check the current entropy value by using cat to view /proc/sys/kernel/random/entropy_avail

The result should be between 3000 – 3200.

Add kernel Entries to sysctl.conf File

In this section we will add the required kernel entries to the /etc/sysctl.conf file.

Step 1 – First we will use sed to remove any previous entries of kernel.random.read_wakeup_threshold kernel.random.write_wakeup_threshold in the /etc/sysctl.conf file.

Step 2 – Next backup the /etc/sysctl.conf file.

Step 3 – Next append the entries kernel.random.read_wakeup_threshold = 2048 kernel.random.write_wakeup_threshold = 3072 to the /etc/sysctl.conf file.


Step 4 – Next we will use sysctl to load the new kernel parameters.

Install and Configure rngd Service

Step 1 – First install rng-tools using yum.

Step 2 – Next we will add the additional parameters to the /etc/sysconfig/rngd file to enable support for rdrand.


Step 3 – Next we will start the rngd service.

Step 4 – Next we will configure the rngd service to start at boot.

Verify New Entropy Level

The result should be 4096