Gpg key generation on VM (how to overcome low entropy) CompTIA|Linux+ Security
Don demonstrates gpg key generation on the Security episode of the CompTIA Linux+ course. He uses a separate session to the VM to generate an MD5 hash from the hard drive /dev/sda to generate sufficient entropy for the virtualised OS to create the keys.
I have a m/c with an SSD, and the image with the 20G virtual disk is only really 2.37G, so I still could not generate sufficient entropy to generate a key in a reasonable time frame.
On searching for a solution I found haveged (an entropy daemon) http://www.issihosts.com/haveged/index.html which appears to harvest entropy from processor cache flutter to generate additional entropy.
This article explains how to install haveged; however, I couldn't find the rpm package it referred to, so I used the instructions given by Digital Ocean to compile the daemon. I did need to install gcc first though: 'yum install gcc'.
https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged
I've posted this here since others may have the same entropy issue, and increasingly it is seen in real world virtualised infrastructure.
I've not done enough research to assure myself if this is a solution suitable for a production server yet, so if anyone has an opinion or experience of this I'd welcome them chipping in here.
Steve