Posted: Tue May 04, 2010 1:41 am Post subject: gpg --gen-key: gaining enough "entropy"
I am trying to use gpg-gen on my Ubuntu system to generate PGP keys and am getting the message:
"Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 281 more bytes)"
I've read quite a few posts and threads and even a webpage dedicated to the concept of generating keys, \/dev\/random, gaining enough "entropy", etc - but cannot seem to satisfy my installation of gpg. I am ssh'ing into the machine, so keyboard/mouse activity at the moment is not part of the equation. I could get over there on the console if necessary. I have opened up several sessions and done the following things simultaneously in different windows:
find / &
grep -R *whatever* ./*
sftp'ing large files over from other machines
a shell script that iteratively runs the "who" command
du -sk * from "/"
Yet when I watch /proc/sys/kernel/random/entropy_avail I don't see that number going above 190, and I assume that based on the above prompt - and this is just a guess - that the number needs to get above 281 for some period of time. In fact, even when I have several of the above things going, it is hard to tell whether I am really influencing that number or not. I don't see a strong pattern in the fluctuation of that number.
Does anyone have any suggestions for getting this gpg thing to work?
Joined: 21 Sep 2003 Posts: 16777097 Location: Portugal
Posted: Wed May 05, 2010 12:24 am Post subject:
You really shouldn't create the key pair remotely. It is hard to generate enough good quality entropy without actual physical interaction with the machine. Also, the SSH daemon will eat away most of your entropy to maintain the active ssh connection.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum