author | Thomas Roessler <roessler@does-not-exist.org> | 2000-07-14 08:50:53 +0000 |
---|---|---|
committer | Thomas Roessler <roessler@does-not-exist.org> | 2000-07-14 08:50:53 +0000 |
commit | 10ed57acdba4973ce1c58d0b73708389328bf3a4 (patch) | |
tree | bc97a84ac8df9966cb1d8d3c4de008186aa2db0a /README.SSL | |
parent | 5883895365a6023bae30c184997ed25c4d5da1ba (diff) |
Tommi Komulainen's entropy gathering patch - documentation.
Diffstat (limited to 'README.SSL')
-rw-r--r-- | README.SSL | 31 |
1 files changed, 21 insertions, 10 deletions
@@ -29,16 +29,27 @@ For example: If you get errors about lack of entropy, it means that Mutt was unable to find a source of random data to initialize SSL library with. Should this happen, you need to generate the data yourself and save it in a -file somewhere Mutt will find it. Mutt tries to use files -$SslEntropyFile, $RANDFILE (if this environment variable is set) and -~/.rnd in that order as source for random data. - -If your OpenSSL is version 0.9.5 or later, you should try EGD, Entropy -Gathering Daemon, from http://www.lothar.com/tech/crypto/ . Mutt will -try to find EGD sockets in the following places, $SslEntropyFile, -$EGDSOCKET (if this environment variable is set), ~/.entropy and -/tmp/entropy. If no socket is found, static files will be tried as -described above. +file pointed by $SslEntropyFile or $RANDFILE (environment) variables or +in ~/.rnd. + +One way to generate random data would be to run a command which +generates unpredictable output, for example 'ps aluxww' in Linux, and +calculating the MD5-sum from the output and saving it in a file. + +** Note: The contents of the file pointed by $RANDFILE environment +** variable (or ~/.rnd if unset) will be overwritten every time Mutt +** is run so don't put anything you can't afford to lose in that file. + +The files Mutt will try to use to initialize SSL library with are files +pointed by $SslEntropyFile and $RANDFILE (or ~/.rnd if unset.) If your +OpenSSL is version 0.9.5 or later, the previous files can also be EGD +sockets (see http://www.lothar.com/tech/crypto/ for more information +about Entropy Gathering Daemon) and in addition sockets in the following +places are tried: socket pointed by $EGDSOCKET environment variable, +~/.entropy and /tmp/entropy. + +All the files and sockets mentioned above must be owned by the user and +have permissions of 600. Certificates |
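Review bot: The added paragraph recommending 'ps aluxww' hashed with MD5 as a way to generate random data presents a weak seed as sufficient: the digest is at most 128 bits, and it is derived from a process listing that other local users on the same machine can largely reproduce. Suggest pointing readers first to EGD (already mentioned further down) or to /dev/urandom where the system has one, and describing the ps/MD5 recipe as a last resort that should combine several such command outputs. Two smaller documentation points: the removed text stated that the files are tried "in that order", while the new wording lists $SslEntropyFile, $RANDFILE and ~/.rnd without saying which takes precedence; and the closing sentence "must be owned by the user and have permissions of 600" does not say what Mutt does when a file or socket fails that check (skipped silently, or reported as an error), which matters for the /tmp/entropy location.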