openssl-rand.1ossl - Man Page

generate pseudo-random bytes


openssl rand [-help] [-out file] [-base64] [-hex] [-engine id] [-rand files] [-writerand file] [-provider name] [-provider-path path] [-propquery propq] num


This command generates num random bytes using a cryptographically secure pseudo random number generator (CSPRNG).

The random bytes are generated using the RAND_bytes(3) function, which provides a security level of 256 bits, provided it managed to seed itself successfully from a trusted operating system entropy source. Otherwise, the command will fail with a nonzero error code. For more details, see RAND_bytes(3), RAND(7), and EVP_RAND(7).



Print out a usage message.

-out file

Write to file instead of standard output.


Perform base64 encoding on the output.


Show the output as a hex string.

-engine id

See "Engine Options" in openssl(1). This option is deprecated.

-rand files, -writerand file

See "Random State Options" in openssl(1) for details.

-provider name
-provider-path path
-propquery propq

See "Provider Options" in openssl(1), provider(7), and property(7).

See Also

openssl(1), RAND_bytes(3), RAND(7), EVP_RAND(7)


The -engine option was deprecated in OpenSSL 3.0.

Referenced By

openssl.1ossl(1), openssl-cmds.1ossl(1).

2024-04-04 3.2.1 OpenSSL