On 2020-04-14 21:54:27 [+0000], Thorsten Glaser wrote: > Sebastian Andrzej Siewior dixit: > > I’d expect the content of the file to be mixed in at startup > and updated from the OpenSSL-internal pool, like in earlier > versions.
No, this is mostly gone as part of the rewrite of RNG. From the documentation: | OpenSSL 1.1.1 introduced a new random generator (CSPRNG) with an improved | seeding mechanism. The new seeding mechanism makes it unnecessary to | define a RANDFILE for saving and restoring randomness. This option is | retained mainly for compatibility reasons. The RANDFILE is gone from the default configuration (as shipped with the openssl package). If you add it manually, only a few commands, like `openssl ca', will continue to read and write that file. The `openssl rand' is not one of them. > bye, > //mirabilos Sebastian
