1. Home
  2. Raspberry Pi Group
  3. gpg --gen-key not generate in raspberry B whith raspbian

gpg --gen-key not generate in raspberry B whith raspbian

Not generate the key.

Connected over ssh on oher PC with debian.

gpg --gen-key gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire = key expires in n days w = key expires in n weeks m = key expires in n months y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y

You need a user ID to identify your key; the software constructs the user ID from the Real Name, Comment and Email Address in this form: "Heinrich Heine (Der Dichter) "

Real name: tester Email address: snipped-for-privacy@example.com Comment: example You selected this USER-ID: "tester (example) "

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key.

You don't want a passphrase - this is probably a *bad* idea! I will do it anyway. You can change your passphrase at any time, using this program with the option "--edit-key".

We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy.

Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 263 more bytes)

At this time, pressed other 4000 key, move mouse, wait ten minutes, nothing!

The string "Not enough random bytes available. ... (Need 263 more bytes)" is displayed after approx 2 seconds after "We need to generate a lot of random bytes...".

What is wrong?

Reply to
BIG Umberto
Loading thread data ...

Have a read through

formatting link

Can you use another machine for this?

--
Adrian C
Reply to
Adrian Caspersz

comp.sys.raspberry-pi ha scritto:

No-one work. I not install rng-tools because is deprecated in theared. Added a usb-mouse and move it but the problem is the same.

Have tested with an: dd if=/dev/urandom of=/dev/null bs=1M count=120 & before generate key, but... nothing!

I think the problems are: Raspberry has not monitor, not keyboard and not mouse. Raspberry start whithout a user login, but is connect only with ssh.

In other machine (debian lenny, and old gpg) work perfect and fast.

Reply to
BIG Umberto

es)" is

random

Generating pseudo random bytes like that wont help it's just an algorithmic sequence, what it is lacking is entropy - external randomness .

That is the problem, keyboard and mouse events are sources of external randomness which it can use to see it's pseudo random number generator. Without these the pseudo random numbers generated, and hence keys derived from them, are entirely predicable.

You can use another desktop machine, otherwise you do need to use the built-in hardware random number generator with rng-tools.

---druck

Reply to
druck

I'd have thought just pinging localhost a lot very fast would increase the entropy available.

Reply to
Rob Morley

AFAIK the Linux kernel doesn't use network input as a source of entropy, because it might be controlled by an attacker. (I don't think this is a good decision: While it is true that an attacker might get the system to overestimate the entropy available, it wastes a nice source of entropy).

hp

--
   _  | Peter J. Holzer    | Fluch der elektronischen Textverarbeitung: 
|_|_) |                    | Man feilt solange an seinen Text um, bis 
| |   | hjp@hjp.at         | die Satzbestandteile des Satzes nicht mehr
Reply to
Peter J. Holzer

You may find the haveged package will do what you need.

formatting link

haveged is a userspace entropy daemon which is not dependent upon the standard mechanisms for harvesting randomness for the system entropy pool. This is important in systems with high entropy needs or limited user interaction (e.g. headless servers).

Also:

formatting link
for some light reading. And Arch Linux has pretty good docs, in this case about rng-tools, but still some useful bits.

formatting link

rngd allows the use of faster entropy sources, mainly hardware random number generators (TRNG), present in modern hardware like recent AMD/Intel processors, Via Nano or even Raspberry Pi.

Ah, and after looking thru that page, that's how I found the haveged package.

If your system does not have an available TRNG consider using haveged instead.

--
Consulting Minister for Consultants, DNRC 
I can please only one person per day. Today is not your day. Tomorrow 
isn't looking good, either. 
I am BOFH. Resistance is futile. Your network will be assimilated.
Reply to
I R A Darth Aggie

ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.