Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Problems with the gnupg 1.0.1 and FreeBSD 3.3
dstenn at fanfic
Apr 11, 2000, 11:12 PM
Post #1 of 7 (1062 views)
Permalink
I have 2 systems and in both case I'm getting stuck generating key pairs.
I have exhausted my possibilities on www.gnupg.org as well as other gnupg
pages. I've also emailed the FreeBSD gnupg ports maintainer and asked
this same question. The two accounts I have are dstenn@fanfic.org and
dtenn@uu.net. I really hope you can help.

I have successfully compiled and installed gnupg 1.0.1 but when I run

gpg --gen-key

and answer all the questions I get stuck. Here is the out put so far..

[/home/dtenn]
jpdata1:dtenn# gpg --gen-key
gpg (GnuPG) 1.0.1; Copyright (C) 1999 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.

gpg: /home/dtenn/.gnupg/secring.gpg: keyring created
gpg: /home/dtenn/.gnupg/pubring.gpg: keyring created
Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) ElGamal (sign and encrypt)
Your selection? 1
DSA keypair will have 1024 bits.
About to generate a new ELG-E keypair.
minimum keysize is 768 bits
default keysize is 1024 bits
highest suggested keysize is 2048 bits
Requested keysize is 1024 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 2y
Key expires at Fri Apr 12 14:32:28 2002 JST
Is this correct (y/n)? y

You need a User-ID to identify your key; the software constructs the user
id
from Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

Real name: Dennis Tenn
Email address: dtenn@uu.net
Comment:
You selected this USER-ID:
"Dennis Tenn <dtenn@uu.net>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++.++++++++++.+++++++++++++++++++++++++++++++++++.++++++++++++++++++++++++++++++++++++++++.+++++++++++++++.+++++++++++++++.++++++++++>++++++++++.>..+++++....................................................+++++

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 18 more bytes)

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 2 more bytes)

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 2 more bytes)
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
++++++++++..++++++++++.++++++++++..+++++..++++++++++++++++++++.++++++++++.+++++.++++++++++++++++++++.++++++++++.++++++++++++++++++++....++++++++++..>+++++...........................................................+++++^^^

Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 128 more bytes)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Dennis Tenn * There will always come a time
dstenn@fanfic.org * When your love will be tested
LICQ# 1457509 * Stand tall and rise to the occasion
* For only then will you grow strong.
* -Anonymous
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
pauld at pinnacle
Apr 11, 2000, 11:40 PM
Post #2 of 7 (1057 views)
Permalink
Hi Dennis,
I get this a lot myself. I'm running gnupg on an old sparc 2 running
redhat 6.1 . I'm using this machine for development so its not doing
anything other than my telnet session usually. I get around this problem by
working on the console and bashing away at the keyboard frantically until
the key is generated. I also keep the key length down to 1024, which is
annoying to say the least. It took be a while to figure out that typing on
the keyboard from a remote session doesn't do any good, is this perhaps what
you are doing?

HTH

Paul.
----- Original Message -----
From: Dennis Tenn <dstenn@fanfic.org>
To: <gnupg-users@gnupg.org>
Cc: <dstenn@fanfic.org>; <dtenn@uu.net>
Sent: Wednesday, April 12, 2000 7:12 AM
Subject: Problems with the gnupg 1.0.1 and FreeBSD 3.3


> I have 2 systems and in both case I'm getting stuck generating key pairs.
> I have exhausted my possibilities on www.gnupg.org as well as other gnupg
> pages. I've also emailed the FreeBSD gnupg ports maintainer and asked
> this same question. The two accounts I have are dstenn@fanfic.org and
> dtenn@uu.net. I really hope you can help.
>
> I have successfully compiled and installed gnupg 1.0.1 but when I run
>
> gpg --gen-key
>
> and answer all the questions I get stuck. Here is the out put so far..
>
> [/home/dtenn]
> jpdata1:dtenn# gpg --gen-key
> gpg (GnuPG) 1.0.1; Copyright (C) 1999 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
>
> gpg: /home/dtenn/.gnupg/secring.gpg: keyring created
> gpg: /home/dtenn/.gnupg/pubring.gpg: keyring created
> Please select what kind of key you want:
> (1) DSA and ElGamal (default)
> (2) DSA (sign only)
> (4) ElGamal (sign and encrypt)
> Your selection? 1
> DSA keypair will have 1024 bits.
> About to generate a new ELG-E keypair.
> minimum keysize is 768 bits
> default keysize is 1024 bits
> highest suggested keysize is 2048 bits
> Requested keysize is 1024 bits
> Please specify how long the key should be valid.
> 0 = key does not expire
> <n> = key expires in n days
> <n>w = key expires in n weeks
> <n>m = key expires in n months
> <n>y = key expires in n years
> Key is valid for? (0) 2y
> Key expires at Fri Apr 12 14:32:28 2002 JST
> Is this correct (y/n)? y
>
> You need a User-ID to identify your key; the software constructs the user
> id
> from Real Name, Comment and Email Address in this form:
> "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
>
> Real name: Dennis Tenn
> Email address: dtenn@uu.net
> Comment:
> You selected this USER-ID:
> "Dennis Tenn <dtenn@uu.net>"
>
> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
> You need a Passphrase to protect your secret key.
>
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
>
+++++.++++++++++.+++++++++++++++++++++++++++++++++++.+++++++++++++++++++++++
+++++++++++++++++.+++++++++++++++.+++++++++++++++.++++++++++>++++++++++.>..+
++++....................................................+++++
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 18 more bytes)
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 2 more bytes)
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 2 more bytes)
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
>
++++++++++..++++++++++.++++++++++..+++++..++++++++++++++++++++.++++++++++.++
+++.++++++++++++++++++++.++++++++++.++++++++++++++++++++....++++++++++..>+++
++...........................................................+++++^^^
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 128 more bytes)
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Dennis Tenn * There will always come a time
> dstenn@fanfic.org * When your love will be tested
> LICQ# 1457509 * Stand tall and rise to the occasion
> * For only then will you grow strong.
> * -Anonymous
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
>
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
minter at lunenburg
Apr 12, 2000, 5:02 AM
Post #3 of 7 (1055 views)
Permalink
I had that problem - banging on the keyboard didn't work for me, since I
was coming in over a telnet/SSH link. One thing I found was, before doing
the --gen-key, was to run "find / &" to get the disk churning. There was
plenty of entropy after that.

On Wed, 12 Apr 2000, Dennis Tenn wrote:

> I have 2 systems and in both case I'm getting stuck generating key pairs.
> I have exhausted my possibilities on www.gnupg.org as well as other gnupg
> pages. I've also emailed the FreeBSD gnupg ports maintainer and asked
> this same question. The two accounts I have are dstenn@fanfic.org and
> dtenn@uu.net. I really hope you can help.
>
> I have successfully compiled and installed gnupg 1.0.1 but when I run
>
> gpg --gen-key
>
> and answer all the questions I get stuck. Here is the out put so far..
>
> [/home/dtenn]
> jpdata1:dtenn# gpg --gen-key
> gpg (GnuPG) 1.0.1; Copyright (C) 1999 Free Software Foundation, Inc.
> This program comes with ABSOLUTELY NO WARRANTY.
> This is free software, and you are welcome to redistribute it
> under certain conditions. See the file COPYING for details.
>
> gpg: /home/dtenn/.gnupg/secring.gpg: keyring created
> gpg: /home/dtenn/.gnupg/pubring.gpg: keyring created
> Please select what kind of key you want:
> (1) DSA and ElGamal (default)
> (2) DSA (sign only)
> (4) ElGamal (sign and encrypt)
> Your selection? 1
> DSA keypair will have 1024 bits.
> About to generate a new ELG-E keypair.
> minimum keysize is 768 bits
> default keysize is 1024 bits
> highest suggested keysize is 2048 bits
> Requested keysize is 1024 bits
> Please specify how long the key should be valid.
> 0 = key does not expire
> <n> = key expires in n days
> <n>w = key expires in n weeks
> <n>m = key expires in n months
> <n>y = key expires in n years
> Key is valid for? (0) 2y
> Key expires at Fri Apr 12 14:32:28 2002 JST
> Is this correct (y/n)? y
>
> You need a User-ID to identify your key; the software constructs the user
> id
> from Real Name, Comment and Email Address in this form:
> "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
>
> Real name: Dennis Tenn
> Email address: dtenn@uu.net
> Comment:
> You selected this USER-ID:
> "Dennis Tenn <dtenn@uu.net>"
>
> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
> You need a Passphrase to protect your secret key.
>
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> +++++.++++++++++.+++++++++++++++++++++++++++++++++++.++++++++++++++++++++++++++++++++++++++++.+++++++++++++++.+++++++++++++++.++++++++++>++++++++++.>..+++++....................................................+++++
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 18 more bytes)
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 2 more bytes)
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 2 more bytes)
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> ++++++++++..++++++++++.++++++++++..+++++..++++++++++++++++++++.++++++++++.+++++.++++++++++++++++++++.++++++++++.++++++++++++++++++++....++++++++++..>+++++...........................................................+++++^^^
>
> Not enough random bytes available. Please do some other work to give
> the OS a chance to collect more entropy! (Need 128 more bytes)
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Dennis Tenn * There will always come a time
> dstenn@fanfic.org * When your love will be tested
> LICQ# 1457509 * Stand tall and rise to the occasion
> * For only then will you grow strong.
> * -Anonymous
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>
>
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
dstenn at fanfic
Apr 12, 2000, 6:21 AM
Post #4 of 7 (1057 views)
Permalink
Well.. To tell you the truth.. I ran a 'make buildworld' and concurrent
'find / &' and as an update to the problem.. It did finally complete but
it took many hours on my P266. This doesn't seem right to me.

On Wed, 12 Apr 2000, H. Wade Minter wrote:

|I had that problem - banging on the keyboard didn't work for me, since I
|was coming in over a telnet/SSH link. One thing I found was, before doing
|the --gen-key, was to run "find / &" to get the disk churning. There was
|plenty of entropy after that.
|
|On Wed, 12 Apr 2000, Dennis Tenn wrote:
|
|> I have 2 systems and in both case I'm getting stuck generating key pairs.
|> I have exhausted my possibilities on www.gnupg.org as well as other gnupg
|> pages. I've also emailed the FreeBSD gnupg ports maintainer and asked
|> this same question. The two accounts I have are dstenn@fanfic.org and
|> dtenn@uu.net. I really hope you can help.
|>
|> I have successfully compiled and installed gnupg 1.0.1 but when I run
|>
|> gpg --gen-key
|>
|> and answer all the questions I get stuck. Here is the out put so far..
|>
|> [/home/dtenn]
|> jpdata1:dtenn# gpg --gen-key
|> gpg (GnuPG) 1.0.1; Copyright (C) 1999 Free Software Foundation, Inc.

<much snippage>

|> Not enough random bytes available. Please do some other work to give
|> the OS a chance to collect more entropy! (Need 2 more bytes)
|> We need to generate a lot of random bytes. It is a good idea to perform
|> some other action (type on the keyboard, move the mouse, utilize the
|> disks) during the prime generation; this gives the random number
|> generator a better chance to gain enough entropy.
|> ++++++++++..++++++++++.++++++++++..+++++..++++++++++++++++++++.++++++++++.+++++.++++++++++++++++++++.++++++++++.++++++++++++++++++++....++++++++++..>+++++...........................................................+++++^^^
|>
|> Not enough random bytes available. Please do some other work to give
|> the OS a chance to collect more entropy! (Need 128 more bytes)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Dennis Tenn * There will always come a time
dstenn@fanfic.org * When your love will be tested
LICQ# 1457509 * Stand tall and rise to the occasion
* For only then will you grow strong.
* -Anonymous
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
Jos.Backus at nl
Apr 12, 2000, 6:59 AM
Post #5 of 7 (1048 views)
Permalink
On Wed, Apr 12, 2000 at 09:21:03AM -0400, Dennis Tenn wrote:
> Well.. To tell you the truth.. I ran a 'make buildworld' and concurrent
> 'find / &' and as an update to the problem.. It did finally complete but
> it took many hours on my P266. This doesn't seem right to me.

Indeed. Did you configure any entropy sources using rndcontrol(8)? If not, try
doing

vmstat -i

and configure those IRQs which have a decent rate. Be sure _not_ to use those
associated with clk* and rtc*.

This is on a system here:

# vmstat -i
interrupt total rate
clk0 irq0 173824877 99
rtc0 irq8 222501722 128
pci irq10 26115597 15
pci irq11 17550519 10
pci irq5 115171 0
fdc0 irq6 1 0
Total 440107887 253
# rndcontrol
rndcontrol: interrupts in use: 10 11
#

Here, ``gpg --gen-key'' works fine.

Hth,
--
Jos Backus _/ _/_/_/ "Reliability means never
_/ _/ _/ having to say you're sorry."
_/ _/_/_/ -- D. J. Bernstein
_/ _/ _/ _/
Jos.Backus@nl.origin-it.com _/_/ _/_/_/ use Std::Disclaimer;
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
dstenn at fanfic
Apr 12, 2000, 12:50 PM
Post #6 of 7 (1050 views)
Permalink
Thank you Jos.

This was it exactly. I checked vmstat and used irqs that would provide me
with activity. As expected, the gpg key generation process flew by and I
was left with a key pair in less than a minute. This should be included
in the FAQ IMHO.

Thank you to all. I'm happily exchanging encrypted email now.

On Wed, 12 Apr 2000, Jos Backus wrote:

|On Wed, Apr 12, 2000 at 09:21:03AM -0400, Dennis Tenn wrote:
|> Well.. To tell you the truth.. I ran a 'make buildworld' and concurrent
|> 'find / &' and as an update to the problem.. It did finally complete but
|> it took many hours on my P266. This doesn't seem right to me.
|
|Indeed. Did you configure any entropy sources using rndcontrol(8)? If not, try
|doing
|
| vmstat -i
|
|and configure those IRQs which have a decent rate. Be sure _not_ to use those
|associated with clk* and rtc*.
|
|This is on a system here:
|
|# vmstat -i
|interrupt total rate
|clk0 irq0 173824877 99
|rtc0 irq8 222501722 128
|pci irq10 26115597 15
|pci irq11 17550519 10
|pci irq5 115171 0
|fdc0 irq6 1 0
|Total 440107887 253
|# rndcontrol
|rndcontrol: interrupts in use: 10 11
|#
|
|Here, ``gpg --gen-key'' works fine.
|
|Hth,

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Dennis Tenn * There will always come a time
dstenn@fanfic.org * When your love will be tested
LICQ# 1457509 * Stand tall and rise to the occasion
* For only then will you grow strong.
* -Anonymous
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Re: Problems with the gnupg 1.0.1 and FreeBSD 3.3 [ In reply to ]
darren at flyingcolor
Apr 12, 2000, 3:37 PM
Post #7 of 7 (1053 views)
Permalink
>I have 2 systems and in both case I'm getting stuck generating key pairs.
>...
>Not enough random bytes available. Please do some other work to give
>the OS a chance to collect more entropy! (Need 128 more bytes)

I had the same problem; here are the answers I got from this mailing list:

>BSD machine:
>in /etc/defaults/rc.conf, set rand_irqs="<some irq's that are actually
>used>"

And:
>On FreeBSD you don't have to reboot your machine to change the IRQs used.
>Just do, as root :
> rndcontrol -s 15
> rndcontrol -s 14
>to add the IDE/ATAPI IRQs if they are used. Replace with your SCSI card IRQ
>if you have SCSI instead. I don't know if it's really secure to add a network
>card IRQ there.
>
>On OpenBSD, you simply can't add or remove entropy sources. At least it
>doesn't seems obvious to me while I was browsing man pages on
>www.openbsd.org.

As it was a co-located machine, and I don't have root access, I cheated and
generated keys on another machine then uploaded them.

Darren

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal