Problem generating GPG Keys

Latest response

Hello,

I am following the article below
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sect-security_guide-encryption-gpg-creating_gpg_keys_using_the_command_line

however when it gets to step 8 asking me to just type randomly or move my mouse....i do so for quite a while...i am 10 lines deep now on random characters but its never stopping me o prompting me that its complete and finished generating. Does anyone know why or how long this process can/should take.... or most likely what I am doing wrong?

thanks

Responses

Hi Brian,

Couple of suggestions:

a) Check Red Hat article (talks about package haveged and rng-tools):

https://access.redhat.com/solutions/3236341

b) What is the current value on your server:

# cat /proc/sys/kernel/random/entropy_avail

Anything below around 1000 is going to take a long time to generate randomness using /dev/random as apps will block until you have enough entropy. In other words, you will see slow speed while generating keys or using OpenSSL APIs.

c) Did you install rng-tools?

d) One of the small tricks is to generate MD5 hash of the whole disk:

# find /dev/disk/by-uuid/ -type l | xargs md5sum

# gpg2 --gen-key ...

e) Even this can generate enough entropy on a reasonably sized server:

# ls -R /

# gpg2 --gen-key ...

Regards,

Dusan Baljevic (amateur radio VK2COT)