WKS server problems
john doe
johndoe65534 at mail.com
Mon Mar 23 10:16:44 CET 2020
On 3/22/2020 8:55 PM, Werner Koch via Gnupg-users wrote:
> On Sun, 22 Mar 2020 12:36, Andrew Gallagher said:
>> On 22/03/2020 05:38, john doe wrote:
>>> Do you have enough entropy on the VM?
>>
>> Argh, thank you. I thought I had enough entropy because monkeysphere
>> created its trust root without issue, but installing haveged did fix the
>> problem.
>
> You might be better off using this:
>
> --8<---------------cut here---------------start------------->8---
> $ cat /etc/gcrypt/random.conf
> # Options for the random generator
>
> # We don't trust the the Jitter based thing - do not use it.
> #disable-jent
>
> only-urandom
>
> --8<---------------cut here---------------end--------------->8---
>
> instead if the very brittle and CPU dependent haveged. On any decent
> Linux urandom is good enough. Right at some early boot stages and on a
> fresh or not properly shutdown system, it might have too less entropy.
> But if you have such concerns you should anyway use the latest Libgcrypt
> which does not only mix in RDRAND but als entropy from its own
> JitterRNG.
>
Thank you Werner, I wrapped the above as an one liner:
$ mkdir -p /etc/gcrypt && printf "# Options for the random
generator\n#\n#
https://lists.gnupg.org/pipermail/gnupg-users/2020-March/063372.html\n#\n#
We don't trust the Jitter based thing - do not use
it.\n#disable-jent\n\nonly-urandom\n" > /etc/gcrypt/random.conf
Note that this e-mail is folded by my mailer.
--
John Doe
More information about the Gnupg-users
mailing list