WKS server problems
Andrew Gallagher
andrewg at andrewg.com
Sun Mar 22 13:58:39 CET 2020
On 22/03/2020 03:17, Phil Pennock wrote:
> On 2020-03-21 at 23:30 +0000, Andrew Gallagher wrote:
>> I'm trying to follow the WKS instructions from the wiki[1] on a remote
>> VM, but it hangs at the key generation stage:
> [...]
>> gpg (GnuPG) 2.2.4
>
> Is this a newly created VM? Can you not use the opportunity of "nothing
> else on the system which needs to be left untouched" to install newer
> GnuPG?
I'm using vanilla ubuntu 18.04, but I'm having no problems otherwise
with the distro gnupg's wkd/wks support:
```
key-submission at keys1:~$ gpg --with-wkd-hash -K "$SUBMISSION_ADDRESS"
sec rsa3072 2020-03-22 [SC] [expires: 2022-03-22]
ABAAE8DD259B21B4B7C65EFC40DB83CEBF81AB3A
uid [ultimate] key-submission@<go away spiders>
54f6ry7x1qqtpor16txw5gdmdbbh6a73@<go away spiders>
ssb rsa3072 2020-03-22 [E]
key-submission at keys1:~$ gpg-wks-server --version
gpg-wks-server (GnuPG) 2.2.4
Copyright (C) 2017 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
```
I will be upgrading to 20.04 ASAP, however.
> Assuming Linux:
>
> For such an old GnuPG release, assuming an equally old libgcrypt, my
> best guess is that it's trying to use /dev/random for entropy and
> blocking, since /dev/urandom isn't safe (for key generation) on Linux.
Yes, that's probably the issue. As mentioned in my reply to John,
haveged cleaned up the problem.
Thanks, and sorry for the silly questions.
--
Andrew Gallagher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200322/864fcd7e/attachment.sig>
More information about the Gnupg-users
mailing list