Collecting entropy?

L. Sassaman rabbi@quickie.net
Thu, 30 Mar 2000 20:08:38 -0800 (PST)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

GnuPG relies soley on /dev/random (or similar substites) to obtain
entropy. /dev/random gathers entropy from things lilke disk activity,
etc. You're depleting /dev/random and not doing enough system activity to
fill it up again.

This is the reason PGP, SSH, and a lot of SSL implementations use a PRNG
seeded with /dev/random, as this method is a lot faster than relying on
/dev/random alone.

On Fri, 31 Mar 2000, Darren Cook wrote:


> Hi,
> Each time I run gen-key, after answering all the questions it spends a few
> seconds putting dots and crosses on screen then says:
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 20 more bytes)
>
> Then it seems to lock up. I've tried typing in that terminal, opening
> another one and running find and top, accessing the web server running on
> that machine, etc. But it still just sits there - no more dots or crosses.
>
> top is telling me it has used 0:02 seconds of processor time and is
> currently using 0% of the processor. I left it around 10 minutes and
> nothing happened, so I killed it and tried again. Again upto 10 minutes so
> far.
>
> top is also telling me another user has a perl script running at nice level
> 1 which is using up all free processor cycles (around 90%) - so that should
> be the work it needs shouldn't it?
>
> Has it crashed? Could it be caused by a missing file (I did ./configure,
> then make, but as I don't have root access, I installed by manually copying
> the gpg binary and then copied options.skel and edited it).
>
> Darren
>
> P.S. BSD machine. I tried it on Linux last night (same manual
> installation), and had a similar problem, but it woke up after about one
> minute and finished making the key.
>
__ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1d (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE45CTSPYrxsgmsCmoRAjr7AKDNYy25BgNa4aiejmq3yFMu2RwCRgCfeQUr XpHnpSNp7yT4IlnA/lfJVZY= =FzMM -----END PGP SIGNATURE-----