[Cialug] gpg and urandom problems

Jeff Davis cialug@cialug.org
Fri, 14 Jan 2005 15:36:37 -0600 

The error "cat: 0652-050 Cannot open /dev/urandom."
seems to suggest that it is a DLFF problem.
(I'm not very familiar with AIX.)

I found this at:
http://publib.boulder.ibm.com/infocenter/db2help/index.jsp?topic=/com.ibm.db2.udb.doc/opt/rz0fser2.htm


Table 16. Partial list of AIX commands that you might use to open a file without a token and 
the associated error message.
Command name 	Error message
cat filename 	cat: 0652-050 Cannot open filename.

Cause:
     This is a system message that displays when you attempt to read the contents of a file that
     is linked under Data Links Manager as a READ PERMISSION DB table column.

Action:
    To read the contents of the file, get a valid token from the database, and then re-issue the
    command.


I hope that helps.


-Jeff



Chris K. wrote:
> This is running on AIX 5.2 ML2.
> 
> No, we didn't try it with a passphrase as this will break the application
> that will be using the keys.
> 
> -----Original Message-----
> From: cialug-admin@cialug.org [mailto:cialug-admin@cialug.org] On Behalf Of
> Jeff Davis
> Sent: Friday, January 14, 2005 11:31 AM
> To: cialug@cialug.org
> Subject: Re: [Cialug] gpg and urandom problems
> 
> What OS/hardware are you running?
> 
> Does it work if you use a passphrase?
> 
> 
> 
> Chris K. wrote:
> 
>>My team has been fighting this issue for quite some time.  I am hoping one
>>of you will have some insite:
>>
>>gpg --gen-key
>>gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
>>This program comes with ABSOLUTELY NO WARRANTY.
>>This is free software, and you are welcome to redistribute it
>>under certain conditions. See the file COPYING for details.
>>
>>gpg: WARNING: using insecure memory!
>>gpg: please see http://www.gnupg.org/faq.html for more information
>>Please select what kind of key you want:
>>(1) DSA and ElGamal (default)
>>(2) DSA (sign only)
>>(5) RSA (sign only)
>>Your selection?
>>DSA keypair will have 1024 bits.
>>About to generate a new ELG-E keypair.
>>minimum keysize is 768 bits
>>default keysize is 1024 bits
>>highest suggested keysize is 2048 bits
>>What keysize do you want? (1024)
>>Requested keysize is 1024 bits
>>Please specify how long the key should be valid.
>>0 = key does not expire
>><n> = key expires in n days
>><n>w = key expires in n weeks
>><n>m = key expires in n months
>><n>y = key expires in n years
>>Key is valid for? (0)
>>Key does not expire at all
>>Is this correct (y/n)? y
>>
>>You need a User-ID to identify your key; the software constructs the user
> 
> id
> 
>>from Real Name, Comment and Email Address in this form:
>>"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
>>
>>Real name: blah blah
>>Email address:
>>Comment: blah blah
>>You selected this USER-ID:
>>"blah blah (blah blah)"
>>
>>Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
>>You need a Passphrase to protect your secret key.
>>
>>You don't want a passphrase - this is probably a *bad* idea!
>>I will do it anyway. You can change your passphrase at any time,
>>using this program with the option "--edit-key".
>>
>>We need to generate a lot of random bytes. It is a good idea to perform
>>some other action (type on the keyboard, move the mouse, utilize the
>>disks) during the prime generation; this gives the random number
>>generator a better chance to gain enough entropy.
>>gpg: fatal: can't open /dev/urandom: There is a request to a device or
>>address that does not exist.
>>secmem usage: 1408/1536 bytes in 2/4 blocks of pool 1536/16384
>>
>>root@myserver:/>ls -l /dev/urandom
>>crw-r--r-- 1 root system 33, 1 Jun 18 2003 /dev/urandom
>>root@myserver:/>cat /dev/urandom
>>cat: 0652-050 Cannot open /dev/urandom.
>>
>>
>>Any thoughts would be greatly appreciated.  Thanks!
>>
>>Chris
>>
>>
>>
> 
>