Random_seed File Locking on NFS File System Across Networks/Domains Hangs

Werner Koch wk at gnupg.org
Mon Apr 26 18:07:10 CEST 2021


On Sun, 25 Apr 2021 23:12, Shawn K. Quinn said:

> Now, for me, that begs the question: what does the internal random pool
> offer that simply using /dev/random (or better yet a quality HWRNG) does
> not?

It speeds up the initial seeding of gpg and gpg-agent's the internal
RNGs if the system's entropy sources is slow.  These days it is of less
use and in some cases a

echo only-urandom >/etc/gcrypt/random.conf

might be all what is required to speed up things.  Note that this
affects all processes using Libgcrypt so it might be advisable to clear
this right at system startup and set it only after the early boot
phases.  YMMV


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210426/460393c9/attachment-0001.sig>


More information about the Gnupg-users mailing list