[openssl-users] using a random number file for generation of keys/certificates

[Graham Leggett]

On 3 Sep 2015, at 19:23, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:

> Cat those files into /dev/urandom or /dev/random.  That'll mix them
> into the system's entropy pool.  Then generate keys as usual from
> /dev/urandom.

I have used a deck of playing cards as a source of entropy, saved to a ram disk on a system with no swap, used then discarded. This has the advantage that you know where the randomness comes from.

Regards,
Graham
--