[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Problem with /dev/random?

On Thu, May 13, 2004 at 11:54:48AM -0700, Vladimir G. Ivanovic wrote:
> Well, I did as suggested. Nothing. 'cat' hangs:
>    open("/dev/random", O_RDONLY|O_LARGEFILE) = 3
>    fstat64(3, {st_mode=S_IFCHR|0644, st_rdev=makedev(1, 8), ...}) = 0
>    read(3, 
> and never writes anything to the screen.
> How do I get GnuPG to generate keys? Do I have a problem with
> /dev/random? (/dev/urandom seems to work. It spits out garbage
> continuously when cat'ed.)

I can maybe help a little here.

/dev/random pulls random numbers from the kernel's entropy pool, and
if the kernel estimates that there is not enough entropy, it blocks
until there is enough entropy.  /dev/urandom also produces random
numbers but it doesn't block when the entropy estimation runs out.
Normally /dev/urandom is about as good as /dev/random, but NOT in your
case, because you seem to have no source of entropy.

The easiest and least controversial source of entropy for most
computers is the timing of mouse mouse movement.  The keyboard is also
good.  Less good is the timing of network packets or variation in disk
activity timings.  Keyboards and mice usually default to producing
entropy, I don't think other sources do.

In your case you seem to have no sources of entropy.  Are you logged
in remotely?  (If so, can someone wiggle the mouse?)

Off the top of my head, I don't know what you should do next.  I think
there is a way to enable entropy collection for a given device on a
live machine, but I don't remember how.

A related issue: On shutdown the system saves the entropy pool to
disk, and on startup it restores the entropy pool from disk.  This
means the very first time a new install boots, there is no entropy
until some hgas had a chance to build up from someplace.  At least in
RH 9 the system also creates some keys on the first boot--at a point
when there is no entropy!  (I forget which keys, I know I created
fresh ones on my box once I discovered that.)  Does Fedora have this
bug too?


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]