> From: owner-openssl-us...@openssl.org On Behalf Of goggel > Sent: Sunday, 23 December, 2012 12:17 > To: openssl-users@openssl.org > Subject: RE: Error message when generating private key > <previous: genrsa -des3 prompt for passphrase failed>
> I'm using debian (linux) with a ssh+terminal shell. > > I got it to work with the passout command, but I would love > to know what the > problem is without -passout since it seems like a lot of > people got it to > work. > I sympathize. This is a pretty common function in openssl and one would expect it to work. Certainly it always has for me on (inhouse builds on) RedHat; our shop doesn't do Debian. Unfortunately openssl apparently doesn't give much info about problems in this area. (Unlike most errors in libcrypto which put often-helpful details in ERR_*.) I would first sanity-check some related things: - if you run openssl interactively -- give no arguments so it prompts for command(s) -- does that work? - do other programs that do noecho-prompting work? Possibilities that spring to mind are mysql client with -p, and ssh client (or sftp or scp) if you *don't* use the silent/automatic auth options like known-hosts and pubkey. - do you have any other versions/builds of openssl available, and if so do they work? If that localizes the problem in (this) openssl, ideas would be: - strace - is it doing the syscalls it should, and do they work? - (get a build with symbols and) debug. In my experience trying to gdb a program that manipulates settings on the same tty gdb is using causes chaos, so you probably have to start openssl on one tty and then attach gdb to it from another terminal. Good luck, and happy holidays. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
