[Sunhelp] Random device in Solaris 8? (OpenSSL)
Erik Parker
eparker at mindsec.com
Wed Oct 18 02:17:12 CDT 2000
> generate a certificate I get the folowing error:-
>
>
> mike at mudge mike]$ /usr/local/ssl/misc/CA.pl -newca
> CA certificate filename (or enter to create)
>
> Making CA certificate ...
> Using configuration from /usr/local/ssl/openssl.cnf
> unable to load 'random state'
> This means that the random number generator has not been seeded
> with much random data.
> Generating a 1024 bit RSA private key
> 23472:error:24064064:random number generator:SSLEAY_RAND_BYTES:PRNG not
> seeded:md_rand.c:474:You need to read
> the OpenSSL FAQ, http://www.openssl.org/support/faq.html
> 23472:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182:
>
>
> Now looking at the FAQ it seems like I am lacking some form of random
> device? :-
>
>
> For Solaris 2.6, Tim Nibbe <tnibbe at sprint.net> and others have suggested
> installing the SUNski package from Sun patch 105710-01 (Sparc) which
> adds a /dev/random device and make sure it gets used, usually through
> $RANDFILE. There are probably similar patches for the other Solaris
> versions. However, be warned that /dev/random is usually a blocking
> device, which may have some effects on OpenSSL.
>
I couldn't find a package for Solaris 8..
To get openssl to work I had to install a random daemon that always served
up random numbers.. It's in the OpenSSL faq file
Erik Parker
Mind Security
An armed society, is a polite society.
More information about the SunHELP
mailing list