Re: openSSL Key generation

From: Seth Arnold (sarnold@wirex.com)
Date: 02/06/03

  • Next message: DMcLF@DMcLF.org: "Re: openSSL Key generation"
    Date: Thu, 6 Feb 2003 11:01:17 -0800
    From: Seth Arnold <sarnold@wirex.com>
    To: "Leland T. Snyder" <ltsnyder@x3ci.com>
    
    
    

    On Tue, Feb 04, 2003 at 12:05:44AM -0500, Leland T. Snyder wrote:
    > [root@basea1 tmp]# nohup time /usr/bin/openssl genrsa -rand /dev/urandom
    > 1024 > /tmp/server.key &
    > ==========================================================================
    >
    > While the manual says this might take a long time, it has been running all
    > night, are athalon processors slow? or did I phrase my command incorrectly?
    > CPU time is being consumed like crazy.

    Remove the -rand /dev/urandom piece. I tried your command both with and
    without this option, and without it, it ran in under a few seconds on my
    p3 700mhz. (You wouldn't want to use /dev/urandom anyway, as it is
    providing 'fake' entropy; which is fine for _many_ tasks, but server
    keys should probably use the real thing..)

    -- 
    http://immunix.org/
    
    




    Relevant Pages

    • Re: ssh clarification needed
      ... I doubt it too - but having the keys means you can use them to login in as ... Only if you can crack the pass phrase or the user was dumb enough to ... servers that need to connect to another server for a specific job, ... A brute force password cracker is going to have a hard time unless ...
      (Fedora)
    • Re: SSH
      ... > I was thinking about setting up a maximum lazyness maximum security = ... > it to have a ssh2 key with no pass phrase compared to one that does.. ... that contains the keys, you're much worse off. ...
      (FreeBSD-Security)
    • Re: SSH
      ... > I was thinking about setting up a maximum lazyness maximum security = ... > it to have a ssh2 key with no pass phrase compared to one that does.. ... that contains the keys, you're much worse off. ...
      (FreeBSD-Security)
    • Re: Message rules - remove from server without downloading
      ... phrase, will it be removed after the message is downloaded? ... iterations in the message body. ... > Only Subject, To, CC and From rules can be deleted from the server. ... Not download it ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
    • SSH
      ... I just wanted to know how dangerous are ssh keys with no password phrases? ... And how bad would it be to have all the servers I have access to with different keys but the exact same password phrase like "pepsi"? ... And is it more secure to have a pass phraseless ssh key compared to just using ssh with no keys and just using a password that belongs to the unix account? ...
      (FreeBSD-Security)