Problems with GNUpg 1.2.2 on AIX 5.2.0 (ML 1)

Werner Koch wk at gnupg.org
Sun Aug 3 12:47:01 CEST 2003


On Sat, 2 Aug 2003 08:35:09 -0600 (MDT), Nelson H F Beebe said:

> Try using /dev/urandom instead.  /dev/random is cryptographically
> strong, and will not return data until sufficient entropy has been

GnuPG knows about this and uses boths devices depending on the purpose
of the required random.  We try to make sure that the GnuPG internal
random pool has been seeded with a sufficient ammount of strong
entropy (/dev/random) and in addition a certain amoount of this
entropy is required for key generation.  For other purposes the GnuPG
internal pool might be just seeded by a possible PRNG (/dev/urandom).

The bottom line is that one should not replace /dev/random by
/dev/urandom.

If you don't want to generate keys, a workaround is to pre-create the
random-seed file (take 600 bytes random from somewhere).


Shalom-Salam,

   Werner

-- 
Werner Koch                                      <wk at gnupg.org>
The GnuPG Experts                                http://g10code.com
Free Software Foundation Europe	                 http://fsfeurope.org





More information about the Gnupg-devel mailing list