"I've ranted about this at length before, I'm sure--even in
print, in O'Reilly's Open Sources 2. But now Debian have proved me
right (again) beyond my wildest expectations. Two years ago, they
'fixed' a 'problem' in OpenSSL reported by valgrind by removing any
possibility of adding any entropy to OpenSSL's pool of
"The result of this is that for the last two years (from
Debian's 'Etch' release until now), anyone doing pretty much any
crypto on Debian (and hence Ubuntu) has been using easily guessable
keys. This includes SSH keys, SSL keys and OpenVPN keys..."
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.