STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Red Hat Enterprise Linux 8 Security Technical Implementation Guide

V-230285

CAT III (Low)

RHEL 8 must enable the hardware random number generator entropy gatherer service.

Rule ID

SV-230285r1017096_rule

STIG

Red Hat Enterprise Linux 8 Security Technical Implementation Guide

Version

V2R7

CCIs

CCI-000366

Discussion

The most important characteristic of a random number generator is its randomness, namely its ability to deliver random numbers that are impossible to predict. Entropy in computer security is associated with the unpredictability of a source of randomness. The random source with high entropy tends to achieve a uniform distribution of random values. Random number generators are one of the most important building blocks of cryptosystems. The rngd service feeds random data from hardware device to kernel random device. Quality (nonpredictable) random number generation is important for several security functions (i.e., ciphers).

Check Content

Note: For RHEL versions 8.4 and above running with kernel FIPS mode enabled as specified by RHEL-08-010020, this requirement is Not Applicable.

Check that  RHEL 8 has enabled the hardware random number generator entropy gatherer service.

Verify the rngd service is enabled and active with the following commands:

     $ sudo systemctl is-enabled rngd
     enabled

     $ sudo systemctl is-active rngd
     active

If the service is not "enabled" and "active", this is a finding.

Fix Text

Start the rngd service and enable the rngd service with the following commands:

     $ sudo systemctl start rngd.service

     $ sudo systemctl enable rngd.service