The TPM security chip that is available in most modern systems has a hardware RNG.
It is also used to feed the entropy pool, but generally not credited entropy.
Use rng_core.default_quality
in the kernel command line to set the trust
level on the hardware generators. The trust level defines the amount of entropy to credit.
A value of 0
tells the system not to trust the hardware random number generators
available, and doesn't credit any entropy to the pool.
A value of 1000
assigns full confidence in the generators, and credits all the
entropy it provides to the pool.
Note that the value of rng_core.default_quality
is global, affecting the trust
on all hardware random number generators.
Select the appropriate confidence by adding the argument
rng_core.default_quality=
to the default
GRUB 2 command line for the Linux operating system.
To ensure that rng_core.default_quality=
is added as a kernel command line
argument to newly installed kernels, add rng_core.default_quality=
to the
default Grub2 command line for Linux operating systems. Modify the line within
/etc/default/grub
as shown below:
GRUB_CMDLINE_LINUX="... rng_core.default_quality= ..."
Run the following command to update command line for already installed kernels:# update-grub