The man page for rngd on Linux says -o (/dev/random) is used for random number output while -r (/dev/hwrng) for random number input. What does this mean? How do these device files differ and why are they used differently? My understanding is the kernel generates its own random sequences from hardware events and sticks them into /dev/random. So why would rngd need an "input" device?
/dev/hwrng is a device special for a hardware source of random numbers. The man page gives additional sources that rngd can read from if desired. With its defaults, rngd reads from this source and writes to /dev/random.

The effect of writing to /dev/random is to add the data to the kernel's entropy pool.

The number of sources from which the kernel can gather entropy data on its own is limited. Using a userland process which can gather entropy from additional sources and provide it to the kernel means that it is less likely to run out of entropy if /dev/random is heavily used.

From open hardware drivers yes, from hardware random modules (/dev/hwrng) no. Linux developers consider the trust level of opaque random hardware important enough to not be on by default, by punting the decision to user space.
rngd being a user program also makes it easy to mix non-kernel sources in, such as the NIST Randomness Beacon. (While it may be fun to have a national laboratory roll virtual dice, this bit stream is public, never use it for crypto secrets.)
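Added example (not rngd's code and not from either answer above): a minimal feeder in the shape the first answer describes, reading /dev/hwrng and handing the bytes to the kernel pool. It uses the RNDADDENTROPY ioctl rather than a plain write(), because a write() to /dev/random only mixes bytes in without crediting any entropy, and the per-byte credit is exactly where the trust decision the second answer mentions gets made. Assumes Linux with CAP_SYS_ADMIN and an existing /dev/hwrng; CHUNK and the 4-bits-per-byte credit are constructed values, not rngd defaults.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/random.h>

#define CHUNK 32 /* constructed batch size; rngd uses its own */

/* Build the rand_pool_info the kernel expects: the data plus how many
   bits of entropy to credit. bits_per_byte (0..8) is the trust level
   assigned to the source; crediting 8 means full trust in the hardware. */
struct rand_pool_info *build_pool_info(const unsigned char *data, size_t len,
                                       int bits_per_byte) {
    struct rand_pool_info *info = malloc(sizeof *info + len);
    if (!info) return NULL;
    info->entropy_count = (int)(len * (size_t)bits_per_byte); /* bits */
    info->buf_size = (int)len;                                /* bytes */
    memcpy(info->buf, data, len);
    return info;
}

/* Mix `len` bytes into the kernel pool and credit entropy for them.
   Returns 0 on success or -errno (EPERM without CAP_SYS_ADMIN). */
int feed_kernel(int random_fd, const unsigned char *data, size_t len,
                int bits_per_byte) {
    struct rand_pool_info *info = build_pool_info(data, len, bits_per_byte);
    if (!info) return -ENOMEM;
    int rc = ioctl(random_fd, RNDADDENTROPY, info) == 0 ? 0 : -errno;
    free(info);
    return rc;
}

int main(void) {
    unsigned char buf[CHUNK];
    int in = open("/dev/hwrng", O_RDONLY);
    int out = open("/dev/random", O_WRONLY);
    if (in < 0 || out < 0) { perror("open"); return 1; }
    ssize_t n = read(in, buf, sizeof buf);
    if (n <= 0) { perror("read /dev/hwrng"); return 1; }
    /* Credit only half the bits: a conservative trust level for opaque hardware. */
    int rc = feed_kernel(out, buf, (size_t)n, 4);
    if (rc) fprintf(stderr, "RNDADDENTROPY failed: %s\n", strerror(-rc));
    else printf("fed %zd bytes, credited %zd bits\n", n, n * 4);
    return rc ? 1 : 0;
}
```

Running it as an unprivileged user shows the trust boundary directly: the bytes can be written, but the credit is refused with EPERM.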