Date: Sat, 10 Nov 2007 21:58:23 -0500 From: Chuck Robey <chuckr@chuckr.org> To: freebsd-questions@freebsd.org Subject: Re: ' Openssl.cnf ' and ' .rand ' file Message-ID: <47366FCF.7060903@chuckr.org> In-Reply-To: <20071111015823.GE6698@saraswathy.susmita.org> References: <846921.73269.qm@web34404.mail.mud.yahoo.com> <20071111015823.GE6698@saraswathy.susmita.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Girish Venkatachalam wrote: > On 11:22:10 Nov 10, White Hat wrote: >> openssl 0.9.7e-p1 25 Oct 2004 >> >> I have not been able to find an answer to this question on Google, so I figured I had better ask it here. >> >> In the '/etc/ssl/openssl.cnf' file, there is an entry for: >> >> RANDFILE = $dir/private/.rand # private random number file >> >> Well, that file does not exist. I cannot find it anywhere on my system and I have not been able to figure out how to create it. >> >> Also, where could I locate some information on the 'openssl.cnf' file. There does not appear to be a 'man' page for it. I would like some more information on what all of the settings mean and possibly how to set them for my particular needs. > > Why do you want it? > > You can use the openssl rand command for doing what you may be wanting > to do. > > $ openssl rand 10000 > > if you want binary output of length 10000 bytes or you can use the > -base64 switch for ASCII output. > > (You don't need the RANDFILE which is probably a seed or something) > > Most parts of OpenSSL are not documented properly and the source code is > immensely hard to follow. > > I have worked with the guts of OpenSSL long ago and in spite of working > with it for a long time, I have always found it hard to follow what > happens where. :) Well, that's a bit of a personal opinion, but have you even used the sclient and sserver functions of the openssl command? Damn, but that's a fantastic debugging tool! Nicely documented in the openssl man page, too. > > The code is one of the most intricate uses of the wonderful C language. > :) > > Enjoy the fun! :) > > Thanks. > > regards, > Girish > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47366FCF.7060903>