Can't load /root/.rnd into RNG : where can I find it, or how to create it?

I'm trying to setup a VPN server with OpenVPN, on an Ubuntu Server 18.04, and I want to use EasyRSA to build my PKI CA.

So, while connected as root, I launch the EasyRSA scripts which I copied to /etc/openvpn/easy-rsa. Everything works fine with ./clean-alland ./build-dh, but when I try to launch ./pkitool --initca, I get this error :

Can't load /root/.rnd into RNG
140171234709952:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd

In the openssl confing file (/etc/openvpn/easy-rsa/openssl-1.0.0.cnf), I find this line which indicates why it tries to reach /root/.rnd :

RANDFILE    = $ENV::HOME/.rnd

From what I read and understood online, .rnd is a seed that openssl uses to generate random numbers. The strange thing is : even though I get this error, the RSA private key IS generated by the script. I just fear that it is not random, since it lacks a seed.

So my problem is : this file doesn't exist on my system, it is not in /root/, not in /home/user/ which is my only other user, and find / -name ".rnd" returns nothing. Even find / -iname "*.rnd" returns nothing.

And I don't even know how I can create it, or if I understood this all wrong.


even though I get this error, the RSA private key IS generated by the script

The file doesn't need to exist; OpenSSL creates it on its own after the first time.

I just fear that it is not random, since it lacks a seed.

The OS provides the seed using its own RNG through /dev/urandom or through system calls such as getentropy() or CryptGenRandom(). There's no need for you to provide anything extra.

I would guess that the .rnd file is more or less a leftover from the days when the OS lacked a good CSPRNG, possibly when the Linux /dev/urandom was considered poor-quality (and /dev/random produced data very slowly due to "entropy accounting"). Now it is no longer the case, and relying entirely on a seed stored on some file in your homedir would actually be less secure.


Create one in expected path

cd ~/; openssl rand -writerand .rnd

OpenSSL creates it on its own after the first time.

Actually, it doesn't, no matter how many times I launch the script or if I just try to use the openssl rand command directly, it is never created.

But you were right : I generated two keys to check if they were different and they were.

Thank you for your help.


Remark the RANDFILE line in /etc/ssl/openssl.conf more