[Pkg-openssl-devel] bad debian openssl and -rand option
emaxx-debian
emaxx-debian at davex.nl
Thu May 22 06:33:07 UTC 2008
Kurt Roeckx wrote on 21-5-2008 20:23:
> No source of random data could ever get added to the PRNG. The -rand
> option was useless.
>
>
> Kurt
Hi Kurt,
Thanks for your response!
I checked the private keys I generated with the bad debian openssl
against a blacklist (openssl-vulnkey on Ubuntu) and they weren't
compromised. Then I did an extra check with two new keys generated with
the bad debian openssl: one generated with the -rand option, one
without. Only the one generated without the -rand option was
compromised. My conclusion was that the entropy added via the -rand
option was used and made the key more trustworthy, isn't it?
Regards,
Vince.