[Cialug] gpg and urandom problems

Jeff Davis cialug@cialug.org
Fri, 14 Jan 2005 11:31:24 -0600 

What OS/hardware are you running?

Does it work if you use a passphrase?



Chris K. wrote:
> My team has been fighting this issue for quite some time.  I am hoping one
> of you will have some insite:
> 
> gpg --gen-key
> gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
> 
> gpg: WARNING: using insecure memory!
> gpg: please see http://www.gnupg.org/faq.html for more information
> Please select what kind of key you want:
> (1) DSA and ElGamal (default)
> (2) DSA (sign only)
> (5) RSA (sign only)
> Your selection?
> DSA keypair will have 1024 bits.
> About to generate a new ELG-E keypair.
> minimum keysize is 768 bits
> default keysize is 1024 bits
> highest suggested keysize is 2048 bits
> What keysize do you want? (1024)
> Requested keysize is 1024 bits
> Please specify how long the key should be valid.
> 0 = key does not expire
> <n> = key expires in n days
> <n>w = key expires in n weeks
> <n>m = key expires in n months
> <n>y = key expires in n years
> Key is valid for? (0)
> Key does not expire at all
> Is this correct (y/n)? y
> 
> You need a User-ID to identify your key; the software constructs the user id
> from Real Name, Comment and Email Address in this form:
> "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
> 
> Real name: blah blah
> Email address:
> Comment: blah blah
> You selected this USER-ID:
> "blah blah (blah blah)"
> 
> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
> You need a Passphrase to protect your secret key.
> 
> You don't want a passphrase - this is probably a *bad* idea!
> I will do it anyway. You can change your passphrase at any time,
> using this program with the option "--edit-key".
> 
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> gpg: fatal: can't open /dev/urandom: There is a request to a device or
> address that does not exist.
> secmem usage: 1408/1536 bytes in 2/4 blocks of pool 1536/16384
> 
> root@myserver:/>ls -l /dev/urandom
> crw-r--r-- 1 root system 33, 1 Jun 18 2003 /dev/urandom
> root@myserver:/>cat /dev/urandom
> cat: 0652-050 Cannot open /dev/urandom.
> 
> 
> Any thoughts would be greatly appreciated.  Thanks!
> 
> Chris
> 
> 
> 

-- 

Jeff Davis
Systems Administrator
Edwards Graphic Arts
515.280.9765
jeff.davis@ega.com