openssl-rand Manual Page

NAME

openssl-rand - generate pseudo-random bytes

SYNOPSIS

openssl rand [-help] [-out file] [-base64] [-hex] {- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_r_synopsis -} {- $OpenSSL::safe::opt_provider_synopsis -} num[K|M|G|T]

DESCRIPTION

This command generates num random bytes using a cryptographically secure pseudo random number generator (CSPRNG). A suffix [K|M|G|T] may be appended to the num value to indicate the requested value be scaled as a multiple of KiB/MiB/GiB/TiB respectively. Note that suffixes are case sensitive, and that the suffixes represent binary multiples (K = 1024 bytes, M = 1024*1024 bytes, etc).

The string 'max' may be substituted for a numerical value in num, to request the maximum number of bytes the CSPRNG can produce per instantiation. Currently, this is restricted to 2^61 bytes as per NIST SP 800-90C.

The random bytes are generated using the RAND_bytes(3) function, which provides a security level of 256 bits, provided it managed to seed itself successfully from a trusted operating system entropy source. Otherwise, the command will fail with a nonzero error code. For more details, see RAND_bytes(3), RAND(7), and EVP_RAND(7).

OPTIONS

-help

Print out a usage message.

-out file

Write to file instead of standard output.

-base64

Perform base64 encoding on the output.

-hex

Show the output as a hex string.

{- $OpenSSL::safe::opt_engine_item -}

{- $OpenSSL::safe::opt_r_item -}

{- $OpenSSL::safe::opt_provider_item -}

SEE ALSO

openssl(1), RAND_bytes(3), RAND(7), EVP_RAND(7)

HISTORY

The -engine option was deprecated in OpenSSL 3.0.

COPYRIGHT

Copyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.

POD ERRORS

Hey! The above document had some coding errors, which are explained below:

Around line 1:

=pod directives shouldn't be over one line long! Ignoring all 2 lines of content

Topics:

• NAME
• SYNOPSIS
• DESCRIPTION
• NOTES
• RETURN VALUES
• SEE ALSO