& Encryption
Phone +61 7 3031 7217
Oracle Australia
-Original Message-
From: Cipher [mailto:dhanukumar1...@gmail.com]
Sent: Wednesday, 12 September 2018 7:24 PM
To: openssl-users@openssl.org
Subject: [openssl-users] /dev/random in FIPS mode Error: PRNG not seeded
Hello,
We have a cu
andom"
Now we see that openssl is using /dev/random, but the problem is openssl
operations randomly fail when run multiple times with "PRNG not seeded"
error. This is in-spite of having rngd installed to boost entropy.
[root@debian ~]# OPENSSL_FIPS=1 openssl version
FIPS mode ON.
Open
First off, yes, I did read the FAQ.
I am trying to build 9.8.0r on an old Dec Unix (aka tru64 Alpha) machine,
specifically OSF1 V4.0. I'm getting the PRNG not seeded error when running the
tests. Yes, I did read the FAQ.
Now this machine is pretty old, and AFAIK, has no random device
rams(pDHParamfp, sdf_co_null, Sdf_co_null, Sdf_co_null);
> ..SSL_CTX_set_tmp_dh(pSslCtx, dh);
>
> from here I am getting the error message "PRNG not seeded".
> This function calls the function 'generate_key' of OpenSSL and from here
> 'BN_rand' return
);
from here I am getting the error message "PRNG not seeded".
This function calls the function 'generate_key' of OpenSSL and from here
'BN_rand' returns failure with this error code.
On reading the OpenSSL faq, found that the function 'RAND_egd()' needs to be
c
I'm using ssl (openssl-0.9.7m) as part of AXIS C++. I just spent a week trying
to figure out why I couldn't use https (via openssl) to connect on only some of
our systems. After rebuilding our copy of OpenSSL for debug and trapping
through it, I found that ssleay_rand_bytes() was setting the
Dear all,
I know this is discussed a lot of times here but I
need help about this.
I`m getting the PRNG not seeded error.
This is what I`m getting at my online
store:
Unable to authorize payment: Error establishing
SSL connection to 'secure.authorize.net': PRNG not
seeded
I`m n
On Fri, 1 Nov 2002 [EMAIL PROTECTED] wrote:
> More better is package 112438-x from sunsolve.sun.com - it adds /dev/random
> Or ANDIrand package from www.sunfreeware.com (I think).- the same, better
> then SUN package I think.
Sure, but this was specified in the original post:
> > I am using IBM
0 14:13:01 - 0:03 /opt/freeware/sbin/prngd
> -f /dev/egd-pool -m 666
> #
>
>
>
> But still when I run OPENSSL.command it gives me same er
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: PRNG not seeded ERROR
Hi Mr. Erwann:
THANKS for your reply.
I checked the url before I posted my query to this List. I am bit
confused - should I need to install EGD or PRNG? I checked my IBM
Server and could'nt find /dev/rando
-f /dev/egd-pool -m 666
#
But still when I run OPENSSL.command it gives me same error PRNG
not seeded - wonder why!
THANKS!
>>> Erwann ABALEA <[EMAIL PROTE
On Thu, 31 Oct 2002, Manoj Kithany wrote:
> THANKS for your reply.
> I checked the url before I posted my query to this List. I am bit
Sorry if I offended you. You didn't specify in your first post that you
checked the URL, and since this question is in the FAQ, that means it is
asked a *lot* of
Hi Mr. Erwann:
THANKS for your reply.
I checked the url before I posted my query to this List. I am bit
confused - should I need to install EGD or PRNG? I checked my IBM
Server and could'nt find /dev/random?
Can you/anyone please help?
THANKS!
Manoj G. Kithany
>>> [EMAIL PROTECTED] 10
On Thu, 31 Oct 2002, Manoj Kithany wrote:
> I installing OPENSSL and when running I get following ERROR - wonder
> why:
> --
> # ./openssl req -new -nodes -keyout private.key -out public.csr
> Using configuration from /usr/loc
>From: Boyle Owen
>After upgrading to openSSL-0.9.6g and reinstalling
>openssh_3.4p1, I can't get ssh or sshd to work. As soon as I
>try to start the sshd daemon or an ssh session, I immediately
>get the command line error "PRNG is not seeded".
Thanks Lutz, for helping out - your tips really
On Wed, Aug 14, 2002 at 02:24:15PM +0200, Boyle Owen wrote:
> So, it looks like the newly installed ssh is trying to get its entropy from
>/dev/urandom instead of prngd. That would explain the "not seeded" error.
>Incidentally, apache/mod_ssl is working fine with this prngd so, indeed, the probl
>From: Lutz Jaenicke [mailto:[EMAIL PROTECTED]]
>> After upgrading to openSSL-0.9.6g and reinstalling
>openssh_3.4p1, I can't get ssh or sshd to work. As soon as I
>try to start the sshd daemon or an ssh session, I immediately
>get the command line error "PRNG is not seeded".
>I doubt that you
On Wed, Aug 14, 2002 at 11:42:51AM +0200, Boyle Owen wrote:
> Hi,
>
> After upgrading to openSSL-0.9.6g and reinstalling openssh_3.4p1, I can't get ssh or
>sshd to work. As soon as I try to start the sshd daemon or an ssh session, I
>immediately get the command line error "PRNG is not seeded".
Hi,
After upgrading to openSSL-0.9.6g and reinstalling openssh_3.4p1, I can't get ssh or
sshd to work. As soon as I try to start the sshd daemon or an ssh session, I
immediately get the command line error "PRNG is not seeded".
Previously, with openssl-0.9.6f and openssh_3.4p1, all was working
Hello.
I'm get the "PRNG not seeded" error even with /dev/random and urandom
available. I also set the RANDFILE=/dev/random , but that still did not
fix things. The $HOME/.rnd file fixes this but there are too many users
to use the $HOME/.rnd file per account.
Does anyone k
Sorry if this is a dumb question that has been answered in countless threads
and FAQ's I just don't seem to have found those particular ones.
I have installed openssl 0.9.6d and generated a CA and a certificate (in pem
format) using CA.pl.
I configured mod_ssl 2.8.8 and mod_perl into apache1.3.2
To: [EMAIL PROTECTED]
Subject: Re: PRNG not seeded
[EMAIL PROTECTED] wrote:
>Dear Sir,
>
>I have installed OPENSSL on OSF1 V4.0 (Digital Unix) and I am trying to
>run the demos/bio programs saccept and sconnect.
>
>I run saccept localhost:8900 and all is fine.
>
>When I run scon
[EMAIL PROTECTED] wrote:
>Dear Sir,
>
>I have installed OPENSSL on OSF1 V4.0 (Digital Unix) and I am trying to
>run the demos/bio programs saccept and sconnect.
>
>I run saccept localhost:8900 and all is fine.
>
>When I run sconnect localhost:8900, I receive the following message:
>
>SSLEAY_RAND_
Get EGD or PRNGd from:
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
And call RAND_egd("/var/run/egd-pool");
before you try to use any crypt or ssl routines ...
Obviously /var/run/egd-pool may vary depending on where
you initialize the egd socket from egd or prngd
Pers
Dear Sir,
I have installed OPENSSL on OSF1 V4.0 (Digital Unix) and I am trying to
run the demos/bio programs saccept and sconnect.
I run saccept localhost:8900 and all is fine.
When I run sconnect localhost:8900, I receive the following message:
SSLEAY_RAND_BYTES:PRING not seeded.
I have loo
Hello SSL-users,
I'm running Apache-SSL under Solaris 2.7 and
installed a second certificate / virtual ssl-server.
For this server, some Browsers fail
to connect to the ssl-server and the server logs say
[Mon Apr 9 14:18:55 2001] [error] SSL_accept failed
[Mon Apr 9 14:18:55 2001] [error] err
On Fri, Apr 06, 2001 at 11:34:48AM -0400, [EMAIL PROTECTED] wrote:
>
> Something like this may help you out:
>
> rand_buf = "0123456789ABCDEF0";
> RAND_seed(rand_buf, 17);
> /* One or the other will do */
> RAND_add(rand_buf, 17, 17);
First: fortunately it would not help out, si
> Something like this may help you out:
>
> rand_buf = "0123456789ABCDEF0";
> RAND_seed(rand_buf, 17);
> /* One or the other will do */
> RAND_add(rand_buf, 17, 17);
Seeding with a static stream is as worthless as no seeding at all.
Try using something *random* for your RAND_se
d to [EMAIL PROTECTED]
To: openssl-users <[EMAIL PROTECTED]>
cc:(bcc: Carl Douglas/CIMG/CVG)
Subject: PRNG not seeded ERROR
Openssl is correctly installed. Here is the report :
OpenSSL self-test report:
OpenSSL version: 0.9.6
Last change: In ssl23_get_client_hello, generate an
cific Northwest National Laboratory
(509) 375-3627 voice
(509) 375-2379 FAX
mailto:[EMAIL PROTECTED]
-Original Message-
From: De Closmadeuc, Etienne [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 06, 2001 12:48 AM
To: openssl-users
Subject: PRNG not seeded ERROR
Opens
Openssl is correctly installed. Here is the report :
OpenSSL self-test report:
OpenSSL version: 0.9.6
Last change: In ssl23_get_client_hello, generate an error message
wh...
OS (uname): AIX spirou 3 4 0055B8AA4C00
OS (config): 0055B8AA4C00-ibm-aix
Target (default): ?
this file, I still get the 'PRNG not seeded' error whenever I try to use
openssl.
I would be v. grateful for any help.
Allan.
__
OpenSSL Project http://www.openssl.org
User Support Ma
From: "Greaney, Kevin" <[EMAIL PROTECTED]>
Kevin.Greaney> I have run into a problem with one of the OpenSSL Apps.
Kevin.Greaney> When attempting to run the Speed App with the RSA4096 option,
Kevin.Greaney> I ran into a PRNG not seeded error (see log below). I ha
Hi,
I have run into a problem with one of the OpenSSL Apps.
When attempting to run the Speed App with the RSA4096 option,
I ran into a PRNG not seeded error (see log below). I have setup a
RANDFILE and it is pointed to be a system-wide logical. I also setup
a .RND in my SYS
SUNWski package is included in these patches, available at:
http://www.freeware4sun.com/patches/2.6/index.html
106754-01, 106755-01, 106756-01
Nils Lofstedt
Michael Sierchio wrote:
> Paul Allen wrote:
> > The SUNWski package works fine on Solaris 8. Really. It doesn't
> > complain at instal
Paul Allen wrote:
> The Sun Web Server patch that contains SUNWski is on the SunSolve web
> site. You need a current Sun software maintenance contract in order
> to get a SunSolve account. My favorite entry into SunSolve is:
>
> http://sunsolve.sun.com/private-cgi/search.pl?mode=advanced
>
Michael Sierchio wrote:
>
> Paul Allen wrote:
> > The SUNWski package works fine on Solaris 8. Really. It doesn't
> > complain at install time, and it works fine.
>
> Just for grins, could you post a definitive URL for the patch? The
> only pages I found listed it as a subscription-only patch
Paul Allen wrote:
> The SUNWski package works fine on Solaris 8. Really. It doesn't
> complain at install time, and it works fine.
Just for grins, could you post a definitive URL for the patch? The
only pages I found listed it as a subscription-only patch...
Thanks.
__
"Billigmeier, Chad" wrote:
>
> Sun doesn't seem to have any random number generator in /dev ??? Do I need
> to apply a patch?
>
> I did see the SUNWski patch but that seems to apply only to solaris < 2.6
>
> The PRNG not seeded message appears while atte
Sun doesn't seem to have any random number generator in /dev ??? Do I need
to apply a patch?
I did see the SUNWski patch but that seems to apply only to solaris < 2.6
The PRNG not seeded message appears while attempting to make certificate for
apache-ssl
any help would be app
From: Mats Nilsson <[EMAIL PROTECTED]>
Subject: Bug: "openssl rsa ... -des3", prng not seeded
Date: Tue, 10 Oct 2000 09:29:16 +0200
Message-ID: <[EMAIL PROTECTED]>
mats.nilsson> [NT4.0SP6, MSVC6SP3, OpenSSL 0.9.5]
[...]
mats.nilsson> I get asked for the old
[NT4.0SP6, MSVC6SP3, OpenSSL 0.9.5]
I have an rsa private key in a pem file. It is protected by a password. I'd
like to change password. So I try:
openssl rsa -in key.pem -out key2.pem -des3
I get asked for the old password, but then it aborts with the usual "prng
not seeded"
Hello,
root@stva159> uname -a
SunOS stva159 5.7 Generic_106541-04 sun4u sparc SUNW,Ultra-5_10
I'm installing:
* apache_1.3.12
* ApacheJServ-1.1.2
* openssl-0.9.5a
* mm-1.1.3
* mod_ssl-2.6.5-1.3.12
I've found this answer for Solaris 2.6...
http://www.openssl.org/support/faq.html#6
Is it t
i've read the FAQ's, both from openssl and modssl. My system is NetBSD 1.4Y
-current (ELF). It does have the /dev/random and /dev/urandom device files.
Does openssl generate the seed file automatically? Where do I specify
DEVRANDOM? As a param to ./config or env variable?
_
I have Apache 1.3.13 with SSl 1.39 and Openssl 0.9.5a
on a Solaris 7 (i386)
When using a netscape navigator from Linux (56 bits), it works fine.
When using a netscape navigator from Win NT or Solaris 7 or IE5 from NT
I have the following messages in the log file.
[Thu Apr 13 18:25:49 2000] [erro
On Wed, Apr 12, 2000 at 02:30:42PM -0500, Henrik Johnsen wrote:
[SNIP]
> 29211:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not
>seeded:md_rand.c:470:
See http://www.modssl.org/docs/2.6/ssl_faq.html#ToC15 and
http://www.openssl.org/support/faq.html#6
vh
Mads Toftum
___
Hi!
Ive been trying to install Apache 1.3.12 + mod_ssl for a couple of days
now. Ive prior to this installed openssel 0.9.5. This is all running
on a Solaris server.
My problem arrives after compiling Apache 1.3.12 + mod_ssl, when doing
the make certificate.
If I do a "make certificate TYPE=d
On Thu, Mar 16, 2000 at 05:27:51PM +, Richard Hopkins wrote:
> Where I'm now having problems, though, is with stunnel (3.8). When I try to
> start it up, I get...
>
> dire# /usr/local/sbin/stunnel -f -D7 -d 636 -r 389
> LOG7[5786:1]: Service name to be used: 389
> LOG7[5786:1]: Generating 5
I've installed openssl 0.9.5 on a Solaris 2.6 box. Sure enough, I initially
had problems with it (which showed up during "make test")...
"This means that the random number generator has not been seeded
with much random data.
Consider setting the RANDFILE environment variable to point at a file
ix before,
even
though this was discussed in openssl-dev just last weekend (Thread:
'prng not seeded' error when changeing RSA private key password, I just
checked my archive) and probably already in another thread before that.
Anyway. The PRNG seeding item is an important one and top
50 matches
Mail list logo
