diff --git a/onepush.sh b/onepush.sh
index 9b777b2..5e0c598 100644
--- a/onepush.sh
+++ b/onepush.sh
@@ -57,7 +57,7 @@ SEARXNG_CONFIG_DIR="/srv/searxng"
 echo "▶️ [1/9] Installing dependencies..."
 export DEBIAN_FRONTEND=noninteractive
 apt-get update
-BASE_PACKAGES="ca-certificates curl gnupg nginx certbot python3-certbot-nginx fail2ban unattended-upgrades openssl"
+BASE_PACKAGES="ca-certificates curl gnupg nginx certbot python3-certbot-nginx fail2ban unattended-upgrades"
 if [[ "${DEPLOY_SEARXNG,,}" == "y" ]]; then apt-get install -y $BASE_PACKAGES apache2-utils; else apt-get install -y $BASE_PACKAGES; fi
 
 # --- Step 2: Firewall Management ---
@@ -104,7 +104,9 @@ EOF
     sudo chown 1000:1000 "$SEARXNG_CONFIG_DIR/user.yml"
 
     # Generate a robust, shell-safe secret key
-    SECRET_KEY=$(openssl rand -hex 32)
+    set +o pipefail
+    SECRET_KEY=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 32)
+    set -o pipefail
 
     # Build the docker run command safely in an array
     docker_cmd=(