From 8311d323783dfdd52ec87cf0429ec67bc21965a1 Mon Sep 17 00:00:00 2001 From: Ulf Möller Date: Tue, 28 Mar 2000 19:45:06 +0000 Subject: Add pointer to EGD manpage. Update the "randomness" section for the upcoming 0.9.5a release. --- FAQ | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'FAQ') diff --git a/FAQ b/FAQ index eca2601171..0260935bb0 100644 --- a/FAQ +++ b/FAQ @@ -110,17 +110,21 @@ OpenSSL functions that need randomness report an error if the random number generator has not been seeded with at least 128 bits of randomness. If this error occurs, please contact the author of the application you are using. It is likely that it never worked -correctly. OpenSSL 0.9.5 makes the error visible by refusing to -perform potentially insecure encryption. +correctly. OpenSSL 0.9.5 and later make the error visible by refusing +to perform potentially insecure encryption. + +On systems without /dev/urandom, it is a good idea to use the Entropy +Gathering Demon; see the RAND_egd() manpage for details. Most components of the openssl command line tool try to use the file $HOME/.rnd (or $RANDFILE, if this environment variable is set) for seeding the PRNG. If this file does not exist or is too short, the "PRNG not seeded" error message may occur. -Note that the command "openssl rsa" in OpenSSL 0.9.5 does not do this -and will fail on systems without /dev/urandom when trying to -password-encrypt an RSA key! This is a bug in the library; -try a later snaphost instead. + +[Note to OpenSSL 0.9.5 users: The command "openssl rsa" in version +0.9.5 does not do this and will fail on systems without /dev/urandom +when trying to password-encrypt an RSA key! This is a bug in the +library; try a later version instead.] * Why does the linker complain about undefined symbols? -- cgit v1.2.3