generate enough entropy to generate a GPG key on a linode?

gpg --gen-key never finishes. It never has enough entropy to generate a key. Nothing I've tried seems to generate enough… disk intensive things like running mandb in while loops, long-running pings across the network, using dd to read from /dev/zero a Gig to a disk file… nada.

Has anyone ever generated a gpg key on a linode?
What am I missing?

2 Replies

So I was able to generate a key with rngd, which is designed with entropy in mind.

From man rngd

DESCRIPTION: This daemon feeds entropy from a trusted source of true randomness (called an entropy source) such as a hardware true random number generator (TRNG), to an entropy sink such as the kernel's entropy pool. It does so only after checking the data to ensure that it is suitably random.

On my Debian machine I installed the tool with:
sudo apt install rng-tools

Then, started it up:
sudo rngd -r /dev/urandom

I tried using /dev/random first, but that still wasn't enough so I went with /urandom, where u stands for unlimited. You can read more about /dev/urandom here.

Once that is running, go ahead and generate the key like normal. You'll want to kill the rngd once you generate the key. So, get the pid:
ps -aux | grep rngd

root 7886 0.0 0.0 96536 1216 ? SLsl 04:13 0:00 rngd -r /dev/urandom

Then kill it:
sudo kill 7886
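
An added example, not part of the original reply: a POSIX shell audit for the procedure above that classifies the kernel's entropy estimate and reports which device any running rngd is reading from, so a leftover feeder is noticed after the key is generated. The function names, the 256-bit threshold and the second sample `ps` line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit entropy state and rngd feeders
# around `gpg --gen-key` on Linux. Names and the 256-bit threshold are assumed.

# Constructed sample input: first line is the ps output quoted in the reply,
# second line is a made-up `grep rngd` process that must not be reported.
SAMPLE_PS='root 7886 0.0 0.0 96536 1216 ? SLsl 04:13 0:00 rngd -r /dev/urandom
user 7901 0.0 0.0 6432 720 pts/0 S+ 04:20 0:00 grep rngd'

# Classify an entropy_avail reading: prints ok | low | unknown.
entropy_state() {                 # $1 = bits available, $2 = minimum wanted
    case ${1:-} in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    if [ "$1" -ge "${2:-256}" ]; then echo ok; else echo low; fi
}

# Read `ps aux` output on stdin; print "PID SOURCE KIND" per rngd process.
# Matching on the COMMAND column (field 11) skips the `grep rngd` line itself.
rngd_report() {
    awk '$11 ~ /(^|\/)rngd$/ {
        src = "default"                       # no -r given: rngd built-in default
        for (i = 12; i < NF; i++) if ($i == "-r") src = $(i + 1)
        kind = "other"
        if (src == "/dev/hwrng") kind = "hardware-rng"
        if (src == "/dev/urandom" || src == "/dev/random") kind = "kernel-rng"
        print $2, src, kind
    }'
}

# Live check: pool estimate, hardware RNG device, and any rngd still running.
audit() {
    avail=$(cat /proc/sys/kernel/random/entropy_avail 2>/dev/null)
    echo "entropy_avail: ${avail:-n/a} ($(entropy_state "$avail"))"
    if [ -c /dev/hwrng ]; then echo "hardware RNG device present: /dev/hwrng"; fi
    ps aux | rngd_report | while read -r pid src kind; do
        echo "rngd still running: pid=$pid source=$src kind=$kind"
    done
}

# `--live` inspects this machine; otherwise the constructed sample is parsed.
if [ "${1:-}" = "--live" ]; then
    audit
else
    printf '%s\n' "$SAMPLE_PS" | rngd_report
fi
```

Run it with `--live` before and after key generation; after `sudo kill`, no `rngd still running` line should appear.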

Check out haveged. It's what I use on my default Centmin Mod LEMP stack installer configurations for CentOS systems to bring up the entropy level on VPSes :)
