Creating an GCP egg node with a Raspberry Pi and a TrueRNG hardware random number generator


After a first attempt several years ago configuring a GCP node in a Raspberry PI with a random number generator hardware with COM port, I had to settle for installing it on a common PC. The card provided by the GCP project was not voltage-compatible with Raspberry Pi.

Years later I have resumed this project and I have achieved it through a Raspberry Pi 3b and a different random number generator hardware, one with USB connection. For this purpose we will need:

(estimated time to read: 5 minutes, to do: 35 min).

  1. Hardware
    1. A Raspberry Pi 3b (in fact, any Raspberry is enough for this mannual, but using state of art technology allows better maintenance in long term always).  You can get one here.
    2. A microSD card like this Sandisk 64GB. The egg stores the data is going to send, and annualy it is advised to be mannualy deleted.
    3. Optional, but advised, Aukru kit: a kit of addins for the Raspberry Pi 3 composed by a good power charger, a box and 3 heat sinks as this node will be working 24/365.
    4. entropy generator hardware: In this case TrueRng v3, with USB interface. You can get one here.
  2. Mount the hardware
      1. Mount the Rasperrby in the provided box. Plug the microsd into the Raspberry and the TrueRNG. Plug the charger and an ethernet connection if you have one.
      2. Install Raspbian.
      3. Set up network interface, edit the following file:
        $sudo nano /etc/network/interfaces and add this:
        iface eth0 inet static
        and restart networking daemon to enable networking interfaces:
        carlos@raspberrypi:~ $ sudo /etc/init.d/networking start
      4. Enable SSH to start on every boot.
      5. Let´s update the system:
        pi@raspberrypi:~ $ sudo apt-get update
        pi@raspberrypi:~ $ sudo apt-get upgrade
        pi@raspberrypi:~ $ sudo apt-get dist-upgrade

      6. pi@raspberrypi:~ $ sudo adduser carlos
        pi@raspberrypi:~ $ sudo nano /etc/sudoers.d/010_pi-nopasswd
        pi@raspberrypi:~ $ sudo passwd pi
      7. Reboot is always healthy:

        pi@raspberrypi:~ $ sudo reboot


  3. Now we have a Raspberry Pi 3b ready to be configured with the Global Consciousness Project (CGP). For this:
    1. Plug the TrueRng v3 USB at the Raspberry, and check it is detected:

      carlos@raspberrypi:/home/pi $ dmesg
      [ 1912.517842] usb 1-1.3: new full-speed USB device number 5 using dwc_otg
      [ 1912.652704] usb 1-1.3: New USB device found, idVendor=04d8, idProduct=f5fe
      [ 1912.652717] usb 1-1.3: New USB device strings: Mfr=1, Product=2, SerialNumber=0
      [ 1912.652726] usb 1-1.3: Product: TrueRNG
      [ 1912.652733] usb 1-1.3: Manufacturer: ubld.it
      [ 1912.655235] cdc_acm 1-1.3:1.0: ttyACM0: USB ACM device

    2. Download TrueRNG Udev-Rules and follow these indications:
      1. Extract and place udev rules in udev/rules.d folder (this is /etc/udev/rules.d/ under ubuntu)
        $ sudo tar -zxvf TrueRNG-Linux-udev-rules.tar.gz -C /etc/udev/rules.d/
      2. Plug in TrueRNG USB Hardware RNG.
      3. Verify /dev/TrueRNG device exists by typing
        $ ls -l /dev/TrueRNG
    3. As it is explained here, please install RNG Tools:
      1. Install rng-tools using apt-get (Debian, Raspbian or Ubuntu) or yum (Redhat)
        $ sudo apt-get install rng-tools
      2. Modify /etc/default/rng-tools (Ubuntu) or /etc/whatever (RedHat) and make sure the HWRNGDEVICE points to /dev/hwrng (eg. HRNGDEVICE=/dev/TrueRNG)
        $ nano /etc/default/rng-tools
        # Configuration for the rng-tools initscript 
        # $Id: rng-tools.default,v 2008-06-10 19:51:37 hmh Exp $ 
        # This is a POSIX shell fragment 
        # Set to the input source for random data, leave undefined 
        # for the initscript to attempt auto-detection. Set to /dev/null 
        # for the viapadlock and tpm drivers. 
        # HRNGDEVICE=/dev/hwrng 
        # HRNGDEVICE=/dev/null 
        # Additional options to send to rngd. See the rngd(8) manpage for 
        # more information. Do not specify -r/--rng-device here, use 
        # HRNGDEVICE for that instead. 
        #RNGDOPTIONS="--hrng=intelfwh   --fill-watermark=90% --feed-interval=1" 
        #RNGDOPTIONS="--hrng=viakernel  --fill-watermark=90% --feed-interval=1" 
        #RNGDOPTIONS="--hrng=viapadlock --fill-watermark=90% --feed-interval=1" 
        #RNGDOPTIONS="--hrng=tpm --fill-watermark=90% --feed-interval=1"  
      3. Make sure rng-tools will autostart
        $ sudo update-rc.d rng-tools enable
      4. Verify rng-tools service is running using top and cat your syslog for rng-tools debug info.
        $ sudo reboot 
        carlos@raspberrypi:~ $ ps axu | grep rng
        root       400  0.0  0.1  27600  1304 ?        SLsl 13:34   0:00 /usr/sbin/rngd -r /dev/TrueRNG
    4. Install the GCP software USB version, not the one at the public repositories:

      $ sudo apt-get install libncurses5-dev libusb-dev
      $ wget http://noosphere.princeton.edu/egg-beta/egg_araneus.tgz
      $ tar xvfz http://noosphere.princeton.edu/egg-beta/egg_araneus.tgz
      $ cd egg_araneus
      $ make clean
      $ make

      You will finish with several warnings like:

      /home/carlos/EGG_ARANEUS/regtest.c:72: aviso: `sys_errlist' is deprecated; use `strerror' or `strerror_r' instead

      This, anyway, is right.
      Now, modify the config file “.eggrc” (.eggprotocol is not longer used) to specify some parameters similar to the following:

      $ nano EGG_ARANEUS/.eggrc

      There parameters are:

      – First line are parameters given by the GCP, please ask Roger Nelson for them. Only “pilar002.noip.me” should be a public address ip or URI for your node.
      – Second line is the GCP server, where generated data is sent.
      – Third line is the configuration of generated data.
      – Fourth line is the device we´re using to generate data. Althought TrueRNG v3 is a USB device, the GCP    has not developed a driver for it, so we will read it generated data as a serial device (reading from /dev/TrueRNG). TrueRNG has this advantage.

      1. Orion: read from a “Orion” like device (/dev/ttyXX).
      2. Number “0” means GCP will read from /dev/ttySO.
      3. “9600” are bpd.In a later step we will make an adjustment so that GCP will real from ttyS0 instead of TrueRNG.
    5. Copy .eggrc to /etc/eggrc$ cp /home/carlos/gcp_eggsh/.eggrc /etc/eggrc
    6. Updating date and time. To synchronize the data from the egg and the server, it is necessary to sync date and hour. Also we will configure the Raspberry to start, on every boot, the GCP´s software.
      carlos@raspberrypi:~/egg $ sudo apt-get install ntpdate
      carlos@raspberrypi:~/egg $ sudo nano /etc/rc.local
      and add the following code before the “exit 0”:
      # Update date and time on boot
      ntpdate -s hora.roa.es &
      /home/carlos/gcp_eggsh/eggsh &

      Of course change the path of gcp_eggsh to that you´re using.

    7. Link between ttyS0 and TrueRNG: while the TrueRNG device is /dev/TrueRNG, the GCP reads from /dev/ttyS0, so it is necessary to create a soft-link between them (ttyS0 –> TrueRNG). But anything on /dev is lost after every reboot. So it is mandatory to create it on each boot. For this:carlos@raspberrypi:/etc/init.d $ sudo nano create_ttyS0#! /bin/sh
      # Provides: ln -sf
      # Required-Start: $local_fs $remote_fs
      # Required-Stop:
      # X-Start-Before: rmnologin
      # Default-Start: 2 3 4 5
      # Default-Stop:
      ### END INIT INFO
      . /lib/lsb/init-functions
      set -e
      case "$1" in
      # make sure privileges don't persist across reboots
      ln -fs /dev/TrueRNG /dev/ttyS0
      echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
      exit 1
      exit 0
      and then create a symlink to this script at rc5.d directory, so it will be invoked at every boot:
      carlos@raspberrypi:/etc/init.d $ sudo ln -s /etc/init.d/create_ttyS0 /etc/rc5.d/S99create_ttyS0
    8. For solving an issue with  Raspberry PI and low speed, please do the following fix:
      carlos@raspberrypi:~ $ sudo su -
      root@raspberrypi:~# echo 0 > /sys/module/dwc_otg/parameters/nak_holdoff

    9. At your router, map ports UDP  1105 and 2510 to the IP of your Raspberry.
    10. Testing. Just reboot and execute the eggsh software, you will get something like:
      and check it at the GCP status web (refreshing this web may take a while)
    11. Now that everything is working you may want to create a backup of the microSD card.

One comment

  1. […] Updated: Finnaly a GCP egg can be configured in this link. […]


Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s

A %d blogueros les gusta esto: