The other I was trying to generate GPG key. It took really a long time and I was running out of time and losing my patience. The GPG isn't generated even after I waited for almost an hour. I am not aware of GPG key generation process at that time, and I have never created one before. So I dig a little in Google and found out that I need to generate enough Entropy for GPG key generation process. If you are ever been in this situation, read on. It was not that difficult.
Generate Enough 'Entropy' For GPG Key Generation Process
I entered the following command to create a GPG key:
$ gpg --gen-key
And, I got this message:
[...] We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: agent_genkey failed: No pinentry Key generation failed: No pinentry
As you in the above command, it shows there is "no Pinentry" package.
Make sure you have installed pinentry-gtk or pinentry-qt packages.
To install this package on Arch based systems, run:
$ sudo pacman -S pinentry
On RPM based systems:
$ sudo yum install pinentry
On DEB based systems:
$ sudo apt-get install pinentry
Then, create or edit gpg-agent.conf file:
$ sudo nano ~/.gnupg/gpg-agent.conf
And add one of the following lines:
pinentry-program /usr/bin/pinentry-curses
Or,
pinentry-program /usr/bin/pinentry-qt
Save and close the file. Reboot your system to apply the changes.
Now, let us create GPG key:
$ gpg --gen-key
Here is where I got struck for hours. I ran this command and waited for an hour. It says I don't have sufficient Entropy and didn't create the key.
To create enough entropy we need to install a package called "rng-tools".
On Arch Linux and its derivatives, run:
$ sudo pacman -S rng-tools
On RHEL and its derivatives, run:
$ sudo yum install epel-release
$ sudo yum install rng-tools
On Debian/Ubuntu and derivatives, run:
$ sudo apt-get install rng-tools
In case the above package is not available, try to install "rng-utils" instead.
After you installed this utility, run the following command to gain enough Entropy:
$ sudo rngd -r /dev/urandom
Repeat the above command until you got enough Entropy to create a GPG key.
Let us check the amount of bytes of entropy currently available using command:
$ cat /proc/sys/kernel/random/entropy_avail
Sample output:
3103
Now, try to create GPG key again. This time the GPG key generation process will be much faster.
$ gpg --gen-key
Enter your name and mail ID and press enter.
Enter your passphrase:
Re-enter passphrase:
Success! The GPG key has been created.
Hope this helps.
2 comments
do NOT do this!!
/dev/urandom isn’t cryptographically secure!
It may suck, but just jiggle your mouse around until you get enough entropy. It’ll be more secure.
@CONCERNED Incorrect. /dev/urandom has *always* been cryptographically secure. https://www.2uo.de/myths-about-urandom/