[Cialug] gpg and urandom problems

Chris K. cialug@cialug.org
Fri, 14 Jan 2005 12:24:17 -0600


This is running on AIX 5.2 ML2.

No, we didn't try it with a passphrase as this will break the =
application
that will be using the keys.

-----Original Message-----
From: cialug-admin@cialug.org [mailto:cialug-admin@cialug.org] On Behalf =
Of
Jeff Davis
Sent: Friday, January 14, 2005 11:31 AM
To: cialug@cialug.org
Subject: Re: [Cialug] gpg and urandom problems

What OS/hardware are you running?

Does it work if you use a passphrase?



Chris K. wrote:
> My team has been fighting this issue for quite some time.  I am hoping =
one
> of you will have some insite:
>=20
> gpg --gen-key
> gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
>=20
> gpg: WARNING: using insecure memory!
> gpg: please see http://www.gnupg.org/faq.html for more information
> Please select what kind of key you want:
> (1) DSA and ElGamal (default)
> (2) DSA (sign only)
> (5) RSA (sign only)
> Your selection?
> DSA keypair will have 1024 bits.
> About to generate a new ELG-E keypair.
> minimum keysize is 768 bits
> default keysize is 1024 bits
> highest suggested keysize is 2048 bits
> What keysize do you want? (1024)
> Requested keysize is 1024 bits
> Please specify how long the key should be valid.
> 0 =3D key does not expire
> <n> =3D key expires in n days
> <n>w =3D key expires in n weeks
> <n>m =3D key expires in n months
> <n>y =3D key expires in n years
> Key is valid for? (0)
> Key does not expire at all
> Is this correct (y/n)? y
>=20
> You need a User-ID to identify your key; the software constructs the =
user
id
> from Real Name, Comment and Email Address in this form:
> "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
>=20
> Real name: blah blah
> Email address:
> Comment: blah blah
> You selected this USER-ID:
> "blah blah (blah blah)"
>=20
> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
> You need a Passphrase to protect your secret key.
>=20
> You don't want a passphrase - this is probably a *bad* idea!
> I will do it anyway. You can change your passphrase at any time,
> using this program with the option "--edit-key".
>=20
> We need to generate a lot of random bytes. It is a good idea to =
perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> gpg: fatal: can't open /dev/urandom: There is a request to a device or
> address that does not exist.
> secmem usage: 1408/1536 bytes in 2/4 blocks of pool 1536/16384
>=20
> root@myserver:/>ls -l /dev/urandom
> crw-r--r-- 1 root system 33, 1 Jun 18 2003 /dev/urandom
> root@myserver:/>cat /dev/urandom
> cat: 0652-050 Cannot open /dev/urandom.
>=20
>=20
> Any thoughts would be greatly appreciated.  Thanks!
>=20
> Chris
>=20
>=20
>=20

--=20

Jeff Davis
Systems Administrator
Edwards Graphic Arts
515.280.9765
jeff.davis@ega.com

_______________________________________________
Cialug mailing list
Cialug@cialug.org
http://cialug.org/mailman/listinfo/cialug


--=20
No virus found in this incoming message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.11 - Release Date: 1/12/2005




-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.11 - Release Date: 1/12/2005