On Sun, Apr 22, 2012 at 01:11:55AM +0100, Damian Myerscough wrote: > Hello, > I was setting up BIND DNSSEC and when I issue the following command the > process never finishes. > dnssec-keygen -a RSASHA1 -b 1024 -n ZONE example.com > I straced the process and noticed the following messages > write(2, "Generating key pair.", 20Generating key pair.) = 20 > gettimeofday({1335044641, 756413}, NULL) = 0 > read(3, "s\2161\363\364<\1s1\343\311\212\1", 64) = 13 > read(3, 0x7fffcac9c960, 51) = -1 EAGAIN (Resource temporarily > unavailable) > select(4, [3], [], NULL, NULL) = 1 (in [3]) > read(3, "p\32\254\352$\264:\22", 51) = 8 > read(3, 0x7fffcac9c960, 43) = -1 EAGAIN (Resource temporarily > unavailable) > select(4, [3], [], NULL, NULL) = 1 (in [3]) > read(3, "\370\270\363IE\342X\343", 43) = 8 > read(3, 0x7fffcac9c960, 35) = -1 EAGAIN (Resource temporarily > unavailable) > select(4, [3], [], NULL, NULL) = 1 (in [3]) > My machine is a virtual host, does anyone have any ideas what resource is > temporarily unavailable.
/dev/random - VMs, with no keyboard or mouse, don't accumulate enough entropy to keep /dev/random full. Installing haveged would probably help; or consider generating keys on a machine with a decent amount of entropy and securely moving them to your VM. Bill. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users