' Openssl.cnf ' and ' .rand ' file
chuckr at chuckr.org
Sat Nov 10 18:59:31 PST 2007
Girish Venkatachalam wrote:
> On 11:22:10 Nov 10, White Hat wrote:
>> openssl 0.9.7e-p1 25 Oct 2004
>> I have not been able to find an answer to this question on Google, so I figured I had better ask it here.
>> In the '/etc/ssl/openssl.cnf' file, there is an entry for:
>> RANDFILE = $dir/private/.rand # private random number file
>> Well, that file does not exist. I cannot find it anywhere on my system and I have not been able to figure out how to create it.
>> Also, where could I locate some information on the 'openssl.cnf' file. There does not appear to be a 'man' page for it. I would like some more information on what all of the settings mean and possibly how to set them for my particular needs.
> Why do you want it?
> You can use the openssl rand command for doing what you may be wanting
> to do.
> $ openssl rand 10000
> if you want binary output of length 10000 bytes or you can use the
> -base64 switch for ASCII output.
> (You don't need the RANDFILE which is probably a seed or something)
> Most parts of OpenSSL are not documented properly and the source code is
> immensely hard to follow.
> I have worked with the guts of OpenSSL long ago and in spite of working
> with it for a long time, I have always found it hard to follow what
> happens where. :)
Well, that's a bit of a personal opinion, but have you even used the
sclient and sserver functions of the openssl command? Damn, but that's
a fantastic debugging tool! Nicely documented in the openssl man page, too.
> The code is one of the most intricate uses of the wonderful C language.
> Enjoy the fun! :)
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions