gpg --gen-key hangs at gaining enough entropy on centos 6
Solution 1:
When the gpg --gen-key command hangs like this, log in to another shell and perform the following command:
dd if=/dev/sda of=/dev/zero
(This command basically reads from your hard drive and discards the output, because writing to /dev/zero will do nothing.)
After a few seconds / minutes, the key generation command should complete.
Solution 2:
For a more reliable solution you could install random number generator related utilities, which will make sure that you always have enough random bytes.
yum install rng-tools
and then edit /etc/sysconfig/rngd and add EXTRAOPTIONS="-r /dev/random"
Start the service
service rngd start
Voila and you live happily ever after :)
Solution 3:
Both comments given before are perfectly fine. But here is just my 2 cents.
The problem with RHEL/centos 6 and entropy is that they are tickless kernels. So, by themselves, these kernels don't generate enough entropy. You have to get some keyboard attached or even some mouse movement or use dd as mentioned.
rngd daemon is awesome and most commercial entities use it.
However, the best approach I have seen is use of dedicated TPM device. They are small hardware which are quite expensive. You put them and rngd utilizes random true entropy from the hardware source. As far as I know, Fujitsu has some good TPM device.
Yeah, these three methods pretty much cover the entropy part.
Solution 4:
https://gist.github.com/franciscocpg/1575d286548034113884c3185ca88681
Open a ssh session
sudo apt-get install rng-tools
In another SSH window open
gpg --gen--key
Go back to your first SSH session and run
sudo rngd -r /dev/urandom
Let this run till gpg generates your keys!
Then you can kill rngd
sudo kill -9 $(pidof rngd)
Solution 5:
Twist on other responses but at least one liner and not root.
((find / | xargs file) &> /dev/null &); gpg2 --gen-key --batch --passphrase-file output-key.txt key-gen-options.txt
Key-gen-options contains
Key-Type: 1
Key-Length: 2048
Subkey-Type: 1
Subkey-Length: 2048
Name-Real: myuser
Name-Email: [email protected]
Expire-Date: 0
Output-key.txt contains my super secret key.