haaveged + gpg --sign fails with "signing failed: Operation cancelled"

Doug Barton dougb at dougbarton.email
Wed Mar 29 07:44:26 CEST 2017

That's not how you use haveged. It is supposed to start when the system 
boots, and run in the background, collecting entropy to seed the PRNG.

That said, if you are using a card for signing that's way more likely to 
be involved in the problems you're seeing. Try creating a key on the 
file system, and test using that first. If that works, then you've 
narrowed down your problems.


On 03/22/2017 11:33 PM, Rainer Hoerbe wrote:
> Just for the record: Adding entropy using haveged does not work in my setup - it will cause the signature to fail without useful error message.
> My setup is:
> Linux keymgmt 4.9.14-200.fc25.x86_64 #1 SMP Mon Mar 13 19:26:40 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
> gpg (GnuPG) 2.0.22
> libgcrypt 1.5.3
> The procedure that repeatedly fails when including haveged:
> sudo /usr/sbin/pcscd
> sudo /usr/sbin/haveged
> gpg2 --import my_pub.gpg
> gpg2 --card-status
> echo -e "trust\n5\ny" > /tmp/gpg_editkey.cmd
> gpg2 --command-file /tmp/gpg_editkey.cmd --edit-key
> gpg2 --sign mydoc.txt
> Regards,
> Rainer Hörbe
> Identinetics GmbH
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

More information about the Gnupg-users mailing list