On 2020-03-21 at 23:30 +0000, Andrew Gallagher wrote:
> I'm trying to follow the WKS instructions from the wiki[1] on a remote
> VM, but it hangs at the key generation stage:
[...]
> gpg (GnuPG) 2.2.4
Is this a newly created VM? Can you not use the opportunity of "nothing
else on the system which needs to be left untouched" to install newer
GnuPG?
GnuPG 2.2.4 is from 2017, there have been many fixes and security
improvements since then.
Besides, 2.2.14 is the first version with WKS support. Is that what you
meant?
Please, for new VMs just install the latest version from whatever
backports / compatibility package repository your OS distribution uses.
> key-submission@keys1:~$ gpg --passphrase '' --batch --quick-gen-key
> "$SUBMISSION_ADDRESS"
> Any idea what's going on?
Assuming Linux:
For such an old GnuPG release, assuming an equally old libgcrypt, my
best guess is that it's trying to use /dev/random for entropy and
blocking, since /dev/urandom isn't safe (for key generation) on Linux.
cat /proc/sys/kernel/random/entropy_avail
Newer GnuPG / libgcrypt use better system calls (getentropy/getrandom)
which are still safe but which don't use calls which cause Linux to get
its knickers in a twist about too many calls for entropy.
-Phil
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
