Stay organized with collections
Save and categorize content based on your preferences.
Linux
Virtio RNG is a paravirtualized random number generator. Virtio RNG provides
random numbers from an entropy pool generated by the host machine of your
virtual machine (VM) instance. The entropy pool collects random bits of
information from the system and uses that information to generate truly random
numbers, which you can use for sensitive information, such as SSH keys or unique
IDs.
Before you begin
If you haven't already, set up authentication.
Authentication verifies your identity for access to Google Cloud services and APIs. To run
code or samples from a local development environment, you can authenticate to
Compute Engine by selecting one of the following options:
Install the Google Cloud CLI.
After installation,
initialize the Google Cloud CLI by running the following command:
By default, Compute Engine VMs use Virtio RNG instead of a daemon
to refill the guest entropy pool. If you prefer to use
an entropy gathering daemon instead of or along with Virtio RNG, you
must install one. For an example of an entropy gathering daemon, see the
rng-tools
documentation.
Checking if Virtio RNG is enabled
You can check whether Virtio RNG is enabled on your VM by running the following
command:
lsmod | grep rng
When Virtio RNG is enabled, your output is similar to the following:
You can test Virtio RNG by using the /dev/random device.
Connect to the VM by using SSH. For example, you can use the
gcloud CLI to connect:
gcloud compute ssh VM_NAME
Replace VM_NAME with the name of your VM.
Install rng-tools:
CentOS
Use the following command to install rng-tools:
sudo yum install rng-tools
Debian
Use the following command to install rng-tools:
sudo apt install rng-tools
Fedora CoreOS
Use the following command to install rng-tools:
sudo yum install rng-tools
RHEL
Use the following command to install rng-tools:
sudo yum install rng-tools
SLES
Use the following command to install rng-tools:
sudo zypper install rng-tools
Ubuntu LTS
Use the following command to install rng-tools:
sudo apt install rng-tools
Some Ubuntu images return a Package 'rng-tools' has no installation
candidate error. If you receive this error, run the following commands:
sudo apt update
sudo apt install rng-tools
On the VM, run the rngtest command:
cat /dev/random | rngtest -c 1000
If Virtio RNG isn't enabled, the command doesn't return anything. If
it is enabled, you receive a response similar to the following:
rngtest 2-unofficial-mt.14..
rngtest: starting FIPS tests...
rngtest: bits received from input: 20000032
rngtest: FIPS 140-2 successes: 1000
rngtest: FIPS 140-2 failures: 0
rngtest: FIPS 140-2(2001-10-10) Monobit: 0
rngtest: FIPS 140-2(2001-10-10) Poker: 0
rngtest: FIPS 140-2(2001-10-10) Runs: 0
rngtest: FIPS 140-2(2001-10-10) Long run: 0
rngtest: FIPS 140-2(2001-10-10) Continuous run: 0
rngtest: input channel speed: (min=4.801; avg=7.318; max=7.839)Mibits/s
rngtest: FIPS tests speed: (min=39.005; avg=69.557; max=72.523)Mibits/s
rngtest: Program run time: 2880954 microseconds
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-26 UTC."],[[["\u003cp\u003eVirtio RNG is a paravirtualized random number generator that provides random numbers to virtual machines from the host machine's entropy pool, used for sensitive information like SSH keys.\u003c/p\u003e\n"],["\u003cp\u003eVirtio RNG is pre-enabled on all Linux virtual machines (VMs) within Compute Engine, simplifying the process of obtaining random numbers for various applications.\u003c/p\u003e\n"],["\u003cp\u003eYou can verify if Virtio RNG is enabled on your Linux VM by using the command \u003ccode\u003elsmod | grep rng\u003c/code\u003e in the terminal.\u003c/p\u003e\n"],["\u003cp\u003eTo test if Virtio RNG is working, you need to connect to your VM via SSH, install the \u003ccode\u003erng-tools\u003c/code\u003e package, and execute the command \u003ccode\u003ecat /dev/random | rngtest -c 1000\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eWindows images do not support Virtio RNG.\u003c/p\u003e\n"]]],[],null,["# Enabling Virtio RNG\n\nLinux\n\n*** ** * ** ***\n\nVirtio RNG is a paravirtualized random number generator. Virtio RNG provides\nrandom numbers from an entropy pool generated by the host machine of your\nvirtual machine (VM) instance. The entropy pool collects random bits of\ninformation from the system and uses that information to generate truly random\nnumbers, which you can use for sensitive information, such as SSH keys or unique\nIDs.\n\nBefore you begin\n----------------\n\n- If you haven't already, set up [authentication](/compute/docs/authentication). Authentication verifies your identity for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:\n 1.\n [Install](/sdk/docs/install) the Google Cloud CLI.\n\n After installation,\n [initialize](/sdk/docs/initializing) the Google Cloud CLI by running the following command:\n\n ```bash\n gcloud init\n ```\n\n\n If you're using an external identity provider (IdP), you must first\n [sign in to the gcloud CLI with your federated identity](/iam/docs/workforce-log-in-gcloud).\n | **Note:** If you installed the gcloud CLI previously, make sure you have the latest version by running `gcloud components update`.\n 2. [Set a default region and zone](/compute/docs/gcloud-compute#set_default_zone_and_region_in_your_local_client).\n\nLimitations\n-----------\n\n- Virtio RNG is not available for Windows images.\n- By default, Compute Engine VMs use Virtio RNG instead of a daemon to refill the guest entropy pool. If you prefer to use an entropy gathering daemon instead of or along with Virtio RNG, you must install one. For an example of an entropy gathering daemon, see the [`rng-tools`](https://git.kernel.org/pub/scm/utils/kernel/rng-tools/rng-tools.git/about/) documentation.\n\nChecking if Virtio RNG is enabled\n---------------------------------\n\n| **Note:** Virtio RNG comes pre-enabled on all Linux VMs.\n\nYou can check whether Virtio RNG is enabled on your VM by running the following\ncommand: \n\n```\nlsmod | grep rng\n```\n\nWhen Virtio RNG is enabled, your output is similar to the following: \n\n```\nvirtio_rng 16384 0\nrng_core 16384 2 virtio_rng\nvirtio_ring 28672 4 virtio_rng,virtio_scsi,virtio_pci,virtio_net\nvirtio 16384 4 virtio_rng,virtio_scsi,virtio_pci,virtio_net\n```\n\nTesting Virtio RNG\n------------------\n\nYou can test Virtio RNG by using the `/dev/random` device.\n| **Note:** Testing is not supported on SLES 15 for SAP.\n\n1. Connect to the VM by using SSH. For example, you can use the\n gcloud CLI to connect:\n\n ```\n gcloud compute ssh VM_NAME\n ```\n\n \u003cbr /\u003e\n\n Replace \u003cvar translate=\"no\"\u003eVM_NAME\u003c/var\u003e with the name of your VM.\n2. Install `rng-tools`:\n\n ### CentOS\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo yum install rng-tools\n ```\n\n ### Debian\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo apt install rng-tools\n ```\n\n ### Fedora CoreOS\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo yum install rng-tools\n ```\n\n ### RHEL\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo yum install rng-tools\n ```\n\n ### SLES\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo zypper install rng-tools\n ```\n\n ### Ubuntu LTS\n\n Use the following command to install `rng-tools`: \n\n ```\n sudo apt install rng-tools\n ```\n\n Some Ubuntu images return a `Package 'rng-tools' has no installation\n candidate` error. If you receive this error, run the following commands: \n\n ```\n sudo apt update\n sudo apt install rng-tools\n ```\n3. On the VM, run the `rngtest` command:\n\n ```\n cat /dev/random | rngtest -c 1000\n ```\n\nIf Virtio RNG isn't enabled, the command doesn't return anything. If\nit is enabled, you receive a response similar to the following: \n\n```\nrngtest 2-unofficial-mt.14..\nrngtest: starting FIPS tests...\nrngtest: bits received from input: 20000032\nrngtest: FIPS 140-2 successes: 1000\nrngtest: FIPS 140-2 failures: 0\nrngtest: FIPS 140-2(2001-10-10) Monobit: 0\nrngtest: FIPS 140-2(2001-10-10) Poker: 0\nrngtest: FIPS 140-2(2001-10-10) Runs: 0\nrngtest: FIPS 140-2(2001-10-10) Long run: 0\nrngtest: FIPS 140-2(2001-10-10) Continuous run: 0\nrngtest: input channel speed: (min=4.801; avg=7.318; max=7.839)Mibits/s\nrngtest: FIPS tests speed: (min=39.005; avg=69.557; max=72.523)Mibits/s\nrngtest: Program run time: 2880954 microseconds\n```\n\nWhat's next\n-----------\n\n- Learn more about [Virtio RNG](https://www.redhat.com/en/blog/red-hat-enterprise-linux-virtual-machines-access-random-numbers-made-easy)\n- Learn more about [`/dev/random`](https://wikipedia.org/wiki//dev/random)\n- View [Operating system details](/compute/docs/images/os-details) to learn more about the images available on Compute Engine"]]
