Jason Wittlin-Cohen wrote: > I'm currently using EAP-TLS with 3072 bit RSA certificates and a 3072 > bit DH paramters. Currently I'm using the random file produced by the > bootstrap script which appears to take 10 bytes of data from > /dev/urandom. Is this sufficient with the larger keysize I am using? In > addition, many howtos suggest using /dev/urandom directly. Is this a > good idea?
Using /dev/urandom is fine. It's not on every system, so the server doesn't use it by default. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
