[arch-general] cannot generate enough entropy for pacman-key --init
Hey There, I have an Arch Linux box inside Virtualbox on a Mac that I use for development purposes. I connect to this machine via SSH without any visual interface. It's on [testing] and just upgraded to pacman 4.0 and after installation it asked me to run pacman-key --init to generate the necessary keys for my system. I did all of these inside GNU Screen (also tried without it without any luck): $ sudo pacman-key --init gpg: Generating pacman keychain master key... Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 300 more bytes) I pressed random bits with the keyboard but it didn't work so I fired up another window inside screen and did cat /dev/urandom > /dev/null but that also didn't work. So I found this [1] article and tried it again without any luck. So I'm basically stuck here. Can someone please help me? Since pacman is bricked, I can't also install anything. Now I have to manually downgrade pacman if I can't succeed. Thanks! [1] http://www.thingy-ma-jig.co.uk/blog/22-01-2010/generate-entropy-gnupg --- Quis custodiet ipsos custodes?
On Sat, Oct 15, 2011 at 5:56 PM, Alper Kanat <tunix@raptiye.org> wrote:
Hey There,
I have an Arch Linux box inside Virtualbox on a Mac that I use for development purposes. I connect to this machine via SSH without any visual interface. It's on [testing] and just upgraded to pacman 4.0 and after installation it asked me to run pacman-key --init to generate the necessary keys for my system. I did all of these inside GNU Screen (also tried without it without any luck):
$ sudo pacman-key --init gpg: Generating pacman keychain master key...
Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 300 more bytes)
I pressed random bits with the keyboard but it didn't work so I fired up another window inside screen and did cat /dev/urandom > /dev/null but that also didn't work. So I found this [1] article and tried it again without any luck.
So I'm basically stuck here. Can someone please help me? Since pacman is bricked, I can't also install anything. Now I have to manually downgrade pacman if I can't succeed.
Thanks!
[1] http://www.thingy-ma-jig.co.uk/blog/22-01-2010/generate-entropy-gnupg
--- Quis custodiet ipsos custodes?
Have you tried just moving your mouse around?
On Sat, Oct 15, 2011 at 9:56 AM, Alper Kanat <tunix@raptiye.org> wrote:
Hey There,
I have an Arch Linux box inside Virtualbox on a Mac that I use for development purposes. I connect to this machine via SSH without any visual interface. It's on [testing] and just upgraded to pacman 4.0 and after installation it asked me to run pacman-key --init to generate the necessary keys for my system. I did all of these inside GNU Screen (also tried without it without any luck):
$ sudo pacman-key --init gpg: Generating pacman keychain master key...
Not enough random bytes available. Please do some other work to give the OS a chance to collect more entropy! (Need 300 more bytes)
I pressed random bits with the keyboard but it didn't work so I fired up another window inside screen and did cat /dev/urandom > /dev/null but that also didn't work. So I found this [1] article and tried it again without any luck.
So I'm basically stuck here. Can someone please help me? Since pacman is bricked, I can't also install anything. Now I have to manually downgrade pacman if I can't succeed.
Thanks!
[1] http://www.thingy-ma-jig.co.uk/blog/22-01-2010/generate-entropy-gnupg
--- Quis custodiet ipsos custodes?
This behavior is due to the use of /dev/random by the gpg backend. On Linux systems there are two random data generators. urandom takes a random seed from random and generates infinite pseudo random data. the random interface only returns data based on entropy and therefore does not generate pseudo random data, only truly random data. But the entropy inputs through the Linux kernel is not infinite, so it will run out and the random kernel interface will block waiting for new entropy to be generated. GPG uses random over urandom because it returns better source random data, and therefore creates a more secure key pair. The best way to overcome the blocking of the random interface is to generate more entropy for the kernel to send to the random kernel interface, aka - move the mouse around, it might take a few minutes.
Hello, As I wrote earlier, I don't have a mouse interface at all since I'm accessing the Arch box via SSH on my Mac. I checked the entropy level via cat /proc/sys/kernel/random/entropy_level and it was around 58 at most. So I installed rng-tools, changed TIMEOUT in /etc/conf.d/rngd from 0 to 10. When I ran rngd -f -r /dev/urandom and ran pacman-key --init, it completed in seconds. Issue solved. This is probably about being inside a VM which limits the entropy level somehow. --- Quis custodiet ipsos custodes?
On Sat, Oct 15, 2011 at 10:23 AM, Alper Kanat <tunix@raptiye.org> wrote:
Hello,
As I wrote earlier, I don't have a mouse interface at all since I'm accessing the Arch box via SSH on my Mac. I checked the entropy level via cat /proc/sys/kernel/random/entropy_level and it was around 58 at most. So I installed rng-tools, changed TIMEOUT in /etc/conf.d/rngd from 0 to 10.
When I ran rngd -f -r /dev/urandom and ran pacman-key --init, it completed in seconds. Issue solved. This is probably about being inside a VM which limits the entropy level somehow.
Sorry, I missed that part about the mouse - but that was a very clever move!
participants (3)
-
Alper Kanat
-
Karol Blazewicz
-
Thomas S Hatch