On Sat, Feb 18, 2012 at 5:37 PM, Kurt Roeckx k...@roeckx.be wrote:
On Sat, Feb 18, 2012 at 05:28:41PM +0100, Stanislav Meduna wrote:
On 18.02.2012 17:02, Edward Ned Harvey wrote:
So these studies went out and scoured the internet, collecting public keys
from every service they could find,
From: David Jacobson [mailto:dmjacob...@sbcglobal.net]
Sent: Saturday, February 18, 2012 5:15 PM
You will see that /dev/urandom does get real entropy, and, as I said,
entropy is saved across shutdown and reboot, so that even right after
boot (assuming that the file is secure), the entropy
From: owner-openssl-...@openssl.org [mailto:owner-openssl-
d...@openssl.org] On Behalf Of Stanislav Meduna
I interpret http://www.openssl.org/support/faq.cgi#USER1
such that the /dev/urandom is always used if present and
the RNG used is additionally seeded by RANDFILE. So your
keys are
Here is how /dev/urandom works on the systems I've looked at. (More
specifically, I'm looking at Ubuntu, but I've also looked at Solaris.)
/dev/urandom has some pool of information (commonly called entropy). At
shutdown, the system reads a 4K byte block from /dev/urandom and stores
it in
From: David Jacobson [mailto:dmjacob...@sbcglobal.net]
Sent: Friday, February 17, 2012 3:33 PM
Here is how /dev/urandom works on the systems I've looked at. (More
specifically, I'm looking at Ubuntu, but I've also looked at Solaris.)
/dev/urandom has some pool of information (commonly
On 18.02.2012 17:02, Edward Ned Harvey wrote:
So these studies went out and scoured the internet, collecting public keys
from every service they could find, which amounts to something like 1-2
million servers, and they scanned them all for identical keys and/or shared
factors. They found
On Sat, Feb 18, 2012 at 05:28:41PM +0100, Stanislav Meduna wrote:
On 18.02.2012 17:02, Edward Ned Harvey wrote:
So these studies went out and scoured the internet, collecting public keys
from every service they could find, which amounts to something like 1-2
million servers, and they
From: owner-openssl-...@openssl.org [mailto:owner-openssl-
d...@openssl.org] On Behalf Of Stanislav Meduna
On 18.02.2012 17:02, Edward Ned Harvey wrote:
So these studies went out and scoured the internet, collecting public
keys
from every service they could find, which amounts to
On 18.02.2012 22:47, Edward Ned Harvey wrote:
Any link to the studies? - I was not able to find anything relevant.
Is this related to the 2008 Debian OpenSSL snafu?
Not the debian thing.
http://arstechnica.com/business/news/2012/02/crypto-shocker-four-of-every-10
If this subject varies based on context, then I'm specifically focusing on
generating private keys / certs via openssl command-line tools on linux
(rhel/centos) for use in https, etc.
My question is, assuming servers are generated from VM snapshots or clones,
or restored from backups, or
On Fri, Feb 17, 2012 at 9:23 AM, Edward Ned Harvey
open...@nedharvey.com wrote:
If this subject varies based on context, then I'm specifically focusing on
generating private keys / certs via openssl command-line tools on linux
(rhel/centos) for use in https, etc.
My question is, assuming
11 matches
Mail list logo