How do you achieve enough entropy for GPG key generation

If none of the more specific forums is the right place to ask

How do you achieve enough entropy for GPG key generation

Postby jaytelford » 2018-05-17 16:09

Hi guys,

I am having some problems here. I am trying to generate a gpg key so that I can sign my GitHub commits but I am struggling to get high enough entropy for the key to be created. How can I increase entropy in a low entropy system, so that my gpg keys are created.

thanks
jay
jaytelford
 
Posts: 13
Joined: 2018-05-09 10:56
Location: United KIngdom

Re: How do you achieve enough entropy for GPG key generation

Postby Head_on_a_Stick » 2018-05-17 16:22

Try
Code: Select all
# apt install haveged

Or get a hardware random number generator.
ESTRAGON: We always find something, eh, Didi, to give us the impression we exist?
VLADIMIR (impatiently): Yes, yes, we're magicians.
User avatar
Head_on_a_Stick
 
Posts: 7893
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: How do you achieve enough entropy for GPG key generation

Postby jaytelford » 2018-05-17 16:49

Head_on_a_Stick wrote:Try
Code: Select all
# apt install haveged


I read about installing that on several websites that I found while Google searching but I was a little bit concerned about installing something that would be generating a whole lot of random stuff in the background. Would haveged cause my server to operate at higher rate of entropy when haveged itself was notin use? Also; having looked, it seems that haveged installs several init scripts and requires changes to configuration files in order to work - potentially opening up security vulnerabilities?

I could be mistaken of course, so feel free to tell me so if I am. I am just concerned about installing something that I hadn't heard of until today.

Cheers
jay
jaytelford
 
Posts: 13
Joined: 2018-05-09 10:56
Location: United KIngdom

Re: How do you achieve enough entropy for GPG key generation

Postby Head_on_a_Stick » 2018-05-17 18:16

Disclaimer: I have no formal training in IT and I am not an IT professional, nor am I an expert on entropy or gpg keys.

That being said, I would strongly advise purchasing a hardware random number generator if true entropy is required, haveged does not provide a source of truly random numbers.

EDIT: haveged requires no configuration and operates automagically in Debian.
ESTRAGON: We always find something, eh, Didi, to give us the impression we exist?
VLADIMIR (impatiently): Yes, yes, we're magicians.
User avatar
Head_on_a_Stick
 
Posts: 7893
Joined: 2014-06-01 17:46
Location: /dev/chair


Return to General Questions

Who is online

Users browsing this forum: No registered users and 4 guests

fashionable