WKS server problems
Werner Koch
wk at gnupg.org
Sun Mar 22 20:55:23 CET 2020
On Sun, 22 Mar 2020 12:36, Andrew Gallagher said:
> On 22/03/2020 05:38, john doe wrote:
>> Do you have enough entropy on the VM?
>
> Argh, thank you. I thought I had enough entropy because monkeysphere
> created its trust root without issue, but installing haveged did fix the
> problem.
You might be better off using this:
--8<---------------cut here---------------start------------->8---
$ cat /etc/gcrypt/random.conf
# Options for the random generator
# We don't trust the the Jitter based thing - do not use it.
#disable-jent
only-urandom
--8<---------------cut here---------------end--------------->8---
instead if the very brittle and CPU dependent haveged. On any decent
Linux urandom is good enough. Right at some early boot stages and on a
fresh or not properly shutdown system, it might have too less entropy.
But if you have such concerns you should anyway use the latest Libgcrypt
which does not only mix in RDRAND but als entropy from its own
JitterRNG.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 2734 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200322/dc55e1c0/attachment.sig>
More information about the Gnupg-users
mailing list