> When I type
> 'openssl genrsa -rand /dev/urandom -out www.domain.com.key 1024'
> the command just sits and does nothing. I ran this command on a FreeBSD box.

Likely it's trying to read *all* of /dev/urandom. The nature of
urandom is that it's infinite, so you'll sit there forever.

Try dropping the '-rand /dev/urandom' option if using openssl 0.9.5a,
because it'll look there anyway if it's available, and won't work
if it can't get a good seed.

Or if you want that -rand option, you could

    head -20 /dev/urandom > somefile
    openssl genrsa -rand somefile -out .....

(yeah, the -20 is totally arbitrary, and it probably generates 5000
characters or so, but you're rather assured it'll be enough for
openssl)

--
Brian Hatch
Systems and Security Engineer
Schizophrenia: it beats being alone.
http://www.ifokr.org/bri/
Every message PGP signed
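
Added example, not part of the original message: the seed-file approach from the reply with a fixed byte count instead of 'head -20', so the read from /dev/urandom always terminates and the seed size is known. The helper names make_seed_file and gen_rsa_key and the 2048-byte seed size are assumptions.

```shell
# Bounded seed file for 'openssl genrsa -rand'.
# make_seed_file and gen_rsa_key are hypothetical helper names.

# Write exactly $2 bytes from /dev/urandom into a new file under
# directory $1 and print the file's path. mktemp creates the file
# readable and writable by the owner only.
make_seed_file() {
    dir=$1
    nbytes=$2
    seed=$(mktemp "$dir/seed.XXXXXX") || return 1
    # head -c stops after nbytes, unlike a reader that waits for EOF
    # on a device that never ends.
    head -c "$nbytes" /dev/urandom > "$seed" || { rm -f "$seed"; return 1; }
    # Refuse a short read instead of seeding with less than requested.
    got=$(wc -c < "$seed" | tr -d ' ')
    if [ "$got" -ne "$nbytes" ]; then
        rm -f "$seed"
        return 1
    fi
    printf '%s\n' "$seed"
}

# Generate an RSA key of $2 bits into file $1, seeding from a bounded
# file, and remove the seed file whether or not openssl succeeds.
gen_rsa_key() {
    out=$1
    bits=$2
    seed=$(make_seed_file "${TMPDIR:-/tmp}" 2048) || return 1
    openssl genrsa -rand "$seed" -out "$out" "$bits"
    status=$?
    rm -f "$seed"
    return "$status"
}

# Usage (key file name and size taken from the quoted command):
#   gen_rsa_key www.domain.com.key 1024
```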