Bitcoin Forum

Hi,
I'd like to generate a few bitcoin addresses for a paper wallet.
I tried www.bitaddress.org, it works fine but since I'm paranoid after reading this:
https://bitcointalk.org/index.php?topic=93129
 perhaps I should generate my own private key and use bitaddress.org offline only to generate the associated bitcoin address (public key).

I'm using linux.
How about this:
boot up a linux distro from an usb stick without going online.
move the mouse and type on the keyboard for a couple of mins to feed /dev/random with entropy
read 32 bytes (256bit) from /dev/random

for example:
head -c 32 /dev/random  | xxd

which dumps the 256bit sequence in hex format.
load the bitaddress.org javascript pre-stored on the usb stick.
go to the bitaddress.org page's Wallet Details and enter your private  key in hex format so that you get the associated public key (bitcoin address).
Write down on paper both public key and private key.
Turn off the computer.

Or should I take the output from /dev/random  and XOR it byte by byte with a long passphrase ? I guess if /dev/random works well then the additional XOR does not
add security.

Is there an alternative method to generate the public key (bitcoin address) from the private key by using a tool in C ? or by using the official bitcoin client?
If yes how?

Please let me know if the above method is regarded as very secure.

thanks for your suggestions,
Mark

What you're suggesting should be fine, but for some other options, see this (https://en.bitcoin.it/wiki/Paper_wallet) article.

I think, as long as you can really be sure, that your private key never got through your network-connection to someone else, you are safe using some random bits (no matter how they are created, as long as they are random. 12345... is not random ;))