FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux General Discussion

 
 
LinkBack Thread Tools
 
Old 10-15-2011, 04:09 PM
Karol Blazewicz
 
Default cannot generate enough entropy for pacman-key --init

On Sat, Oct 15, 2011 at 5:56 PM, Alper Kanat <tunix@raptiye.org> wrote:
> Hey There,
>
> I have an Arch Linux box inside Virtualbox on a Mac that I use for
> development purposes. I connect to this machine via SSH without any visual
> interface. It's on [testing] and just upgraded to pacman 4.0 and after
> installation it asked me to run pacman-key --init to generate the necessary
> keys for my system. I did all of these inside GNU Screen (also tried without
> it without any luck):
>
> $ sudo pacman-key --init
> gpg: Generating pacman keychain master key...
>
> Not enough random bytes available. *Please do some other work to give
> the OS a chance to collect more entropy! (Need 300 more bytes)
>
>
> I pressed random bits with the keyboard but it didn't work so I fired up
> another window inside screen and did cat /dev/urandom > /dev/null but that
> also didn't work. So I found this [1] article and tried it again without any
> luck.
>
> So I'm basically stuck here. Can someone please help me? Since pacman is
> bricked, I can't also install anything. Now I have to manually downgrade
> pacman if I can't succeed.
>
> Thanks!
>
>
> [1] http://www.thingy-ma-jig.co.uk/blog/22-01-2010/generate-entropy-gnupg
>
> ---
> Quis custodiet ipsos custodes?
>

Have you tried just moving your mouse around?
 
Old 10-15-2011, 04:18 PM
Thomas S Hatch
 
Default cannot generate enough entropy for pacman-key --init

On Sat, Oct 15, 2011 at 9:56 AM, Alper Kanat <tunix@raptiye.org> wrote:

> Hey There,
>
> I have an Arch Linux box inside Virtualbox on a Mac that I use for
> development purposes. I connect to this machine via SSH without any visual
> interface. It's on [testing] and just upgraded to pacman 4.0 and after
> installation it asked me to run pacman-key --init to generate the necessary
> keys for my system. I did all of these inside GNU Screen (also tried
> without
> it without any luck):
>
> $ sudo pacman-key --init
> gpg: Generating pacman keychain master key...
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 300 more bytes)
>
>
> I pressed random bits with the keyboard but it didn't work so I fired up
> another window inside screen and did cat /dev/urandom > /dev/null but that
> also didn't work. So I found this [1] article and tried it again without
> any
> luck.
>
> So I'm basically stuck here. Can someone please help me? Since pacman is
> bricked, I can't also install anything. Now I have to manually downgrade
> pacman if I can't succeed.
>
> Thanks!
>
>
> [1] http://www.thingy-ma-jig.co.uk/blog/22-01-2010/generate-entropy-gnupg
>
> ---
> Quis custodiet ipsos custodes?
>

This behavior is due to the use of /dev/random by the gpg backend. On Linux
systems there are two random data generators. urandom takes a random seed
from random and generates infinite pseudo random data.

the random interface only returns data based on entropy and therefore does
not generate pseudo random data, only truly random data. But the entropy
inputs through the Linux kernel is not infinite, so it will run out and the
random kernel interface will block waiting for new entropy to be generated.

GPG uses random over urandom because it returns better source random data,
and therefore creates a more secure key pair. The best way to overcome the
blocking of the random interface is to generate more entropy for the kernel
to send to the random kernel interface, aka - move the mouse around, it
might take a few minutes.
 
Old 10-15-2011, 04:23 PM
Alper Kanat
 
Default cannot generate enough entropy for pacman-key --init

Hello,

As I wrote earlier, I don't have a mouse interface at all since I'm
accessing the Arch box via SSH on my Mac. I checked the entropy level via
cat /proc/sys/kernel/random/entropy_level and it was around 58 at most. So I
installed rng-tools, changed TIMEOUT in /etc/conf.d/rngd from 0 to 10.

When I ran rngd -f -r /dev/urandom and ran pacman-key --init, it completed
in seconds. Issue solved. This is probably about being inside a VM which
limits the entropy level somehow.

---
Quis custodiet ipsos custodes?
 
Old 10-15-2011, 04:27 PM
Thomas S Hatch
 
Default cannot generate enough entropy for pacman-key --init

On Sat, Oct 15, 2011 at 10:23 AM, Alper Kanat <tunix@raptiye.org> wrote:

> Hello,
>
> As I wrote earlier, I don't have a mouse interface at all since I'm
> accessing the Arch box via SSH on my Mac. I checked the entropy level via
> cat /proc/sys/kernel/random/entropy_level and it was around 58 at most. So
> I
> installed rng-tools, changed TIMEOUT in /etc/conf.d/rngd from 0 to 10.
>
> When I ran rngd -f -r /dev/urandom and ran pacman-key --init, it completed
> in seconds. Issue solved. This is probably about being inside a VM which
> limits the entropy level somehow.
>
> Sorry, I missed that part about the mouse - but that was a very clever
move!
 

Thread Tools




All times are GMT. The time now is 12:54 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org