There are two most problems with generating bitcoin private keys: true randomness and data security. The better randomness can be taken from some nature process. For simplicity here I will just use a coin to generate the binary input. The data security can be improved by using the so called "offline computer". For my case I am using the Raspberry Pi with Raspbian, electrium wallet and pybitcointools library installed. After the initial installation the computer is "plugged off" from internet forever.
The script below reacts only on two keys "0" and "1" in the key generation mode. So I am flipping the coin and input "0" or "1" depends from result. After key is generated the script asks the key name and saves private key to one file and public key and address to another file. Public file keyname.pub should be copied to usb stick and can be used in watching wallet, while private key is never leaving the "offline computer" and is used to sign the transactions. Please refer to electrium wallet docs for details.
- added key range check
- saving files in named by key folder
- prevent overwriting key files