NetBSD and GPG

From PrgmrWiki
Revision as of 14:03, 16 February 2011 by Gthank (talk | contribs) (How to generate GPG keys)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

GPG 1.x

If you've tried to generate some gpg keys on your NetBSD domU, you probably noticed that it just hangs there and tells you that it still needs 300 bytes of entropy. The exact error is included below. No matter what you do, NetBSD never seems to generate any entropy. It turns out that NetBSD disables all sources of entropy by default on a domU (source via Nick—Thanks!). To enable some sources of entropy and thereby enable the generation of gpg keys (and probably other useful things), you need to use rndctl. I decided that I would use all my disks and network interfaces as potential sources of entropy, so I ran the following: #rndctl -c -t disk ; ndctl -c -t net. After this, $ gpg --gen-key ran like a charm.

Not enough random bytes available.  Please do some other work to give the OS a chance to collect more entropy! (Need 300 more bytes)

GPG 2.x

When I tried to use gpg2 to generate keys, everything proceeded apace until I was prompted for a passphrase for the new keypair. The prompt showed up in some curses-esque UI that did not respond to any input. I have no idea what was going on, so I fell back to GPG 1.x, which seems to be working fine.