What is the ~/.rnd file in openssl and how to generate a new private key with it?
When I tried to run the following command to issue a new private key, which I use to host my web app via SSL:
openssl genrsa -out example.key 2048
the following error occured:
unable to write 'random state'
e is 65537 (0x10001)
After digging out on the Web, I found a solution, which instructs you to delete the ~/.rnd file, which is likely owned by root.
sudo rm ~/.rnd
However, I found you don't need to delete the ~/.rnd if you issue the openssl command with sudo.
So my question is:
what is the
~/.rndand why does it exist in my environment?Which is a better way to issue a new private key?
Файл ~ / .rnd принадлежит root , если вы когда-либо запускали команду, изменяющую ~ / .rnd как root через sudo в режиме без входа в систему (т.е. без -i ). Что касается файла ~ / .rnd , он содержит начальное значение для генератора случайных чисел OpenSSL. Наименее худшие документы, которые я могу найти на нем, - это RAND_read_file (3) справочная страница .