> "Shaffer, Kurt" wrote: > > I am trying to generate private keys using the openssl binary with the > following command: > > openssl genrsa -rand /dev/random -out private.keys 1024 > or > openssl genrsa -des3 -rand /dev/random -out private.keys 1024 > > After entering either of the commands above the system just sits > there.
Are you really shure this isn't in the FAQ ? If you specify a -rand param, openssl expects to be a file containing random data. So it will open the file wand reads until it gets an EOF. But /dev/random is no file but a device that will temporary block if no entropy is available. So this will allways block (succing your carefully collected entropy out of your system and wasting it...) If you have a /dev/random or /dev/urandom, openssl normally will find them without you having to specify it. So try openssl genrsa -out private.keys 1024 or openssl genrsa -des3 -out private.keys 1024 But never specify a /dev/random with the -rand param ! And please: Turn this stupid HTML bullshit of. Bye Goetz -- Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de Sonninstr. 24-28, 20097 Hamburg, Germany Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
smime.p7s
Description: S/MIME Cryptographic Signature
