Difference between revisions of "Frandom"

From ArchWiki
Jump to: navigation, search
m
m (fix header (take 2))
(23 intermediate revisions by 10 users not shown)
Line 1: Line 1:
[[Category: File systems (English)]]
+
[[Category:Security]]
= Summary =
+
[[Category:File systems]]
'''frandom''' is a fast alternative to /dev/urandom. It can be used wherever fast random number generation is required, eg for randomising large hard drives prior to [[System_Encryption_with_LUKS_for_dm-crypt|encryption]].
+
{{Out of date|Needs updating to SystemD}}
 +
'''frandom''' is a fast alternative to [[Random Number Generation|/dev/urandom]]. It can be used wherever fast random number generation is required, eg for randomising large hard drives prior to [[System_Encryption_with_LUKS_for_dm-crypt|encryption]].
  
 
From the [http://billauer.co.il/frandom.html frandom page]:
 
From the [http://billauer.co.il/frandom.html frandom page]:
"The frandom suite comes as a Linux kernel module for several kernels, or a kernel patch for 2.4.22. It implements a random number generator, which is 10-50 times faster than what you get from Linux' built-in /dev/urandom."
+
"The frandom suite comes as a Linux kernel module for several kernels, or a kernel patch for 2.4.22. It implements a random number generator, which is 10-50 times faster than what you get from Linux' built-in {{ic|/dev/urandom}}."
  
 
Does frandom generate good random numbers? Refer to the frandom page for this and other technical info.
 
Does frandom generate good random numbers? Refer to the frandom page for this and other technical info.
  
= Installation =
+
Beneath in the example section, you'll find 'real', 'user' and 'sys' information, what they mean you can find [http://stackoverflow.com/questions/556405/what-do-real-user-and-sys-mean-in-the-output-of-time1?answertab=active#tab-top here].
Frandom is available as a package from the [http://aur.archlinux.org/packages.php?ID=9869 AUR].
+
  
Once the daemon has been started, it is available from /dev/frandom. It is run in the normal way:
+
== Installation ==
 +
Frandom is available as a package from the [https://aur.archlinux.org/packages.php?ID=9869 AUR].
 +
 
 +
Once the daemon has been started, it is available from {{ic|/dev/frandom}}. It is run in the normal way:
 
  # /etc/rc.d/frandom {start|stop|restart}
 
  # /etc/rc.d/frandom {start|stop|restart}
  
Or if you prefer, it can be started at boot by adding it /etc/rc.conf:
+
Or if you prefer, it can be started at boot by adding it {{ic|/etc/rc.conf}}:
 
  DAEMONS=(... frandom ...)
 
  DAEMONS=(... frandom ...)
  
= Wiping a drive/partition =
+
== Wiping a disk ==
 
Use the following dd command. This will wipe all the data on the specified device, take care!
 
Use the following dd command. This will wipe all the data on the specified device, take care!
  
 
  # dd if=/dev/frandom of=/dev/sdx1
 
  # dd if=/dev/frandom of=/dev/sdx1
  
= Example =
+
Refer to [[Securely wipe disk]] for more general info on this topic.
On a 1.73 GHZ Thinkpad T43 with 2 GB ram:
+
 
 +
== Example ==
 +
{{Merge|Benchmarking disk wipes|Maybe anyone can bring this to nicer Formatting, move it there and link to it?}}
 +
1) On a 1.73 GHZ Thinkpad T43 with 2 GB ram:
 
  # time dd if=/dev/frandom of=/dev/sdb2
 
  # time dd if=/dev/frandom of=/dev/sdb2
dd: writing to `/dev/sdb2': No space left on device
+
  dd: writing to `/dev/sdb2': No space left on device
587384596+0 records in
+
  587384596+0 records in
587384595+0 records out
+
  587384595+0 records out
300740912640 bytes (301 GB) copied, 12844.6 s, 23.4 MB/s
+
  300740912640 bytes (301 GB) copied, 12844.6 s, 23.4 MB/s
real    214m4.620s
+
  real    214m4.620s
user    3m34.693s
+
  user    3m34.693s
sys    77m28.660s
+
  sys    77m28.660s
 
Summary: 300 GB in approx 3.5 hours
 
Summary: 300 GB in approx 3.5 hours
 +
 +
 +
2) On a 2.4 GHZ (T8300 Core 2 Duo) Thinkpad T61 with 2 GB ram:
 +
# dd if=/dev/frandom of=/dev/sdb bs=1M
 +
  dd: writing `/dev/sdb': No space left on device
 +
  476941+0 records in
 +
  476940+0 records out
 +
  500107862016 bytes (500 GB) copied, 5954.52 s, 84.0 MB/s
 +
Summary: 500 GB in approx 1.65 hours
 +
 +
 +
3) On a 2.8 GHz (Athlon2 X4) with 4 GB ram:
 +
# dd if=/dev/frandom of=/dev/sdc3 bs=1M seek=100KB
 +
  dd: writing `/dev/sdc3': No space left on device
 +
  1807429+0 records in
 +
  1807428+0 records out
 +
  1895225712640 bytes (1.9 TB) copied, 20300.3 s, 93.4 MB/s
 +
Summary: ~2TB in ~5.64 hours. However, on the same machine:
 +
# dd if=/dev/frandom of=/dev/null bs=1M count=1000
 +
  1000+0 records in
 +
  1000+0 records out
 +
  1048576000 bytes (1.0 GB) copied, 7.81581 s, 134 MB/s
 +
versus
 +
# dd if=/dev/urandom of=/dev/null bs=1M count=1000
 +
  1000+0 records in
 +
  1000+0 records out
 +
  1048576000 bytes (1.0 GB) copied, 144.296 s, 7.3 MB/s
 +
This makes frandom 10-20 times faster on this machine, meaning it would take approx 50-120 hours (2-5 days!) to randomize 2TB using urandom.
 +
 +
4) On a 2.70GHz (i7-2620M) ThinkPad x220 with 8GB Ram:
 +
 +
# time dd if=/dev/frandom of=/dev/sdc
 +
  dd: writing to `/dev/sdc': No space left on device
 +
  625140336+0 records in
 +
  625140335+0 records out
 +
  320071851520 bytes (320 GB) copied, 9618.12 s, 33.3 MB/s
 +
  real    160m18.126s
 +
  user    1m8.916s
 +
  sys    36m16.401s
 +
 +
'''Summary:''' 320 GB in approx. 2.67 hours
 +
 +
5) On a 2.70GHz (i7-2620M) ThinkPad x220 with 8GB Ram:
 +
 +
# time dd if=/dev/frandom of=/dev/sdc
 +
  dd: writing to `/dev/sde': Input/output error
 +
  467085833+0 records in
 +
  467085832+0 records out
 +
  239147945984 bytes (239 GB) copied, 24675.2 s, 9.7 MB/s
 +
  real    411m15.208s
 +
  user    2m58.028s
 +
  sys    83m14.188s
 +
 +
'''Summary:''' 500 GB in approx. 6.85 hours (connected on USB3)

Revision as of 00:20, 23 October 2013

Tango-view-refresh-red.pngThis article or section is out of date.Tango-view-refresh-red.png

Reason: Needs updating to SystemD (Discuss in Talk:Frandom#)

frandom is a fast alternative to /dev/urandom. It can be used wherever fast random number generation is required, eg for randomising large hard drives prior to encryption.

From the frandom page: "The frandom suite comes as a Linux kernel module for several kernels, or a kernel patch for 2.4.22. It implements a random number generator, which is 10-50 times faster than what you get from Linux' built-in /dev/urandom."

Does frandom generate good random numbers? Refer to the frandom page for this and other technical info.

Beneath in the example section, you'll find 'real', 'user' and 'sys' information, what they mean you can find here.

Installation

Frandom is available as a package from the AUR.

Once the daemon has been started, it is available from /dev/frandom. It is run in the normal way:

# /etc/rc.d/frandom {start|stop|restart}

Or if you prefer, it can be started at boot by adding it /etc/rc.conf:

DAEMONS=(... frandom ...)

Wiping a disk

Use the following dd command. This will wipe all the data on the specified device, take care!

# dd if=/dev/frandom of=/dev/sdx1

Refer to Securely wipe disk for more general info on this topic.

Example

Merge-arrows-2.pngThis article or section is a candidate for merging with Benchmarking disk wipes.Merge-arrows-2.png

Notes: Maybe anyone can bring this to nicer Formatting, move it there and link to it? (Discuss in Talk:Frandom#)

1) On a 1.73 GHZ Thinkpad T43 with 2 GB ram:

# time dd if=/dev/frandom of=/dev/sdb2
 dd: writing to `/dev/sdb2': No space left on device
 587384596+0 records in
 587384595+0 records out
 300740912640 bytes (301 GB) copied, 12844.6 s, 23.4 MB/s
 real    214m4.620s
 user    3m34.693s
 sys     77m28.660s

Summary: 300 GB in approx 3.5 hours


2) On a 2.4 GHZ (T8300 Core 2 Duo) Thinkpad T61 with 2 GB ram:

# dd if=/dev/frandom of=/dev/sdb bs=1M
  dd: writing `/dev/sdb': No space left on device
  476941+0 records in
  476940+0 records out
  500107862016 bytes (500 GB) copied, 5954.52 s, 84.0 MB/s

Summary: 500 GB in approx 1.65 hours


3) On a 2.8 GHz (Athlon2 X4) with 4 GB ram:

# dd if=/dev/frandom of=/dev/sdc3 bs=1M seek=100KB
  dd: writing `/dev/sdc3': No space left on device
  1807429+0 records in
  1807428+0 records out
  1895225712640 bytes (1.9 TB) copied, 20300.3 s, 93.4 MB/s

Summary: ~2TB in ~5.64 hours. However, on the same machine:

# dd if=/dev/frandom of=/dev/null bs=1M count=1000
  1000+0 records in
  1000+0 records out
  1048576000 bytes (1.0 GB) copied, 7.81581 s, 134 MB/s

versus

# dd if=/dev/urandom of=/dev/null bs=1M count=1000
  1000+0 records in
  1000+0 records out
  1048576000 bytes (1.0 GB) copied, 144.296 s, 7.3 MB/s

This makes frandom 10-20 times faster on this machine, meaning it would take approx 50-120 hours (2-5 days!) to randomize 2TB using urandom.

4) On a 2.70GHz (i7-2620M) ThinkPad x220 with 8GB Ram:

# time dd if=/dev/frandom of=/dev/sdc
  dd: writing to `/dev/sdc': No space left on device
  625140336+0 records in
  625140335+0 records out
  320071851520 bytes (320 GB) copied, 9618.12 s, 33.3 MB/s
  real    160m18.126s
  user    1m8.916s
  sys     36m16.401s

Summary: 320 GB in approx. 2.67 hours

5) On a 2.70GHz (i7-2620M) ThinkPad x220 with 8GB Ram:

# time dd if=/dev/frandom of=/dev/sdc
  dd: writing to `/dev/sde': Input/output error
  467085833+0 records in
  467085832+0 records out
  239147945984 bytes (239 GB) copied, 24675.2 s, 9.7 MB/s
  real    411m15.208s
  user    2m58.028s
  sys     83m14.188s

Summary: 500 GB in approx. 6.85 hours (connected on USB3)