Can't gpg --gen-key
Thu Aug 23 13:03:02 2001
Werner Koch, at 09:53 +0200 on 23 Aug 2001, wrote:
1. Don't use telnet - it is ridiculous to send the passphrase in clear
They could be using IPsec, OTP, or Kerberos.
2. If you need to do this on a remote machine, use SSH .
You mean a free ssh client, no? :)
3. You should enable the random device on FreeBSD, I don't know how to
do it, but with a proper confiuration the machine can collect
enough entropy even without someone hitting on the keyboard.
It should help to start some background jobs like "find / -type f
xargs -n 100 grep jhdgfjhf"
This is a FAQ. The answer is to use rndcontrol(8) to add IRQ's to the
entropy-gathering utility. Perhaps if GnuPG is used on a BSD, this could
be spit out when --gen-key is performed.
 Entering passphrases over an SSH channel is not as secure as
believed, it may be better to pipe the passphrase to the remote
machine. See the recent Song/Wagner/Tian paper - it is in the news.
Or use public/private keys.
Frank Tobin http://www.neverending.org/~ftobin/