Collecting entropy?

L. Sassaman rabbi@quickie.net
Thu, 30 Mar 2000 20:08:38 -0800 (PST) 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

GnuPG relies soley on /dev/random (or similar substites) to obtain
entropy. /dev/random gathers entropy from things lilke disk activity,
etc. You're depleting /dev/random and not doing enough system activity to
fill it up again.

This is the reason PGP, SSH, and a lot of SSL implementations use a PRNG
seeded with /dev/random, as this method is a lot faster than relying on
/dev/random alone.

On Fri, 31 Mar 2000, Darren Cook wrote:


> Hi,

> Each time I run gen-key, after answering all the questions it spends a few

> seconds putting dots and crosses on screen then says:

>   Not enough random bytes available.  Please do some other work to give

>   the OS a chance to collect more entropy! (Need 20 more bytes)

> 

> Then it seems to lock up. I've tried typing in that terminal, opening

> another one and running find and top, accessing the web server running on

> that machine, etc. But it still just sits there - no more dots or crosses.

> 

> top is telling me it has used 0:02 seconds of processor time and is

> currently using 0% of the processor. I left it around 10 minutes and

> nothing happened, so I killed it and tried again. Again upto 10 minutes so

> far.

> 

> top is also telling me another user has a perl script running at nice level

> 1 which is using up all free processor cycles (around 90%) - so that should

> be the work it needs shouldn't it?

> 

> Has it crashed? Could it be caused by a missing file (I did ./configure,

> then make, but as I don't have root access, I installed by manually copying

> the gpg binary and then copied options.skel and edited it).

> 

> Darren

> 

> P.S. BSD machine. I tried it on Linux last night (same manual

> installation), and had a similar problem, but it woke up after about one

> minute and finished making the key.

> 


__

L. Sassaman

System Administrator                |  "All of the chaos
Technology Consultant               |   Makes perfect sense..."
icq.. 10735603                      |
pgp.. finger://ns.quickie.net/rabbi |              --Joe Diffie



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1d (GNU/Linux)
Comment: OpenPGP Encrypted Email Preferred.

iD8DBQE45CTSPYrxsgmsCmoRAjr7AKDNYy25BgNa4aiejmq3yFMu2RwCRgCfeQUr
XpHnpSNp7yT4IlnA/lfJVZY=
=FzMM
-----END PGP SIGNATURE-----