> On May 23, 2018, at 1:08 PM, redpath <redpath@xxxxxxxxxx> wrote: > > SO if I add this RAND usage below, em I seeding to assure a different RSA key > pair each time run of > creating a RSA pair. > > I would certainly replace the time with the UUID of the device to be unique > to the device. > You would have to acquire the device to know the seeding. Hey keep the Time > one too. NO. Seeding exclusively in this way is a terrible idea and MUST NOT be done. You need considerably more randomness than found in a timestamp or a device serial number. It is not enough for keys to be unique, they need to be computationally unpredictable. If the device is generating keys it needs a decent source of randomness. Otherwise, keys might need to be generated elsewhere and loaded onto the device. -- -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users