Both parts have some reason.

On the one hand, you shouldn't generate any kind of crypto key if you don't
have enough entropy; it defeats the whole purpose of it.

On the other hand, with all these virtual environments we use today, and
the lack of detail in the message, you feel helpless:

Where is my entropy?
I keep poking keys in my ssh terminal (as mandated by the software) but no
entropy is generated.
Can I get entropy from another host?
How do I press keys or move a mouse on a virtual machine if there's no hardware
to plug a mouse?

Probably everybody needing a quick cert for doing some testing or
authenticating packages locally is getting some headaches with this,
especially if they don't use the same OS on their desktops as on the
servers.

So my proposal is to expand the explanation message a bit when
generating a new key, stating that, if connected remotely or to a
virtual host, they won't ever get entropy by pushing keys, and maybe giving
an option or two.

Maybe even a timeout, so if the key is not generated in XX minutes, it
stops and gives some explanation to the user, with a --force-wait option
to avoid this timeout.

https://bugs.launchpad.net/bugs/706011

Title:
  gpg --key-gen doesn't have enough entropy and rng-tools install/start
  fails
