On 23/03/2020 16:52, john doe wrote:
> I thought that 'only-urandom' could be used as an replacement of haveged
> on this Stretch VM, looks like I misunderstood when to use this option.
Try it anyway, debian often backport newer features if they have
security implications (dkg should be able to
On 3/23/2020 5:21 PM, Andrew Gallagher wrote:
> On 23/03/2020 15:58, john doe wrote:
>> $ gpg --version
>> gpg (GnuPG) 2.1.18
>> libgcrypt 1.7.6-beta
>>
>> Is it not working because of a too old release?
>
> Yes, that's FAR too old. :-) You need to dist-upgrade to buster.
>
I'll go back to using
On 23/03/2020 15:58, john doe wrote:
> $ gpg --version
> gpg (GnuPG) 2.1.18
> libgcrypt 1.7.6-beta
>
> Is it not working because of a too old release?
Yes, that's FAR too old. :-) You need to dist-upgrade to buster.
--
Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
On 3/23/2020 1:01 PM, Werner Koch wrote:
> On Mon, 23 Mar 2020 10:16, john doe said:
>
>> Thank you Werner, I wrapped the above as an one liner:
>
> This is even easier.
>
> $ mkdir -p /etc/gcrypt && echo only-urandom>/etc/gcrypt/random.conf
>
> The '#' lines are merely comments to show which
On Mon, 23 Mar 2020 10:16, john doe said:
> Thank you Werner, I wrapped the above as an one liner:
This is even easier.
$ mkdir -p /etc/gcrypt && echo only-urandom>/etc/gcrypt/random.conf
The '#' lines are merely comments to show which other options are
available.
Shalom-Salam,
Werner
On 3/22/2020 8:55 PM, Werner Koch via Gnupg-users wrote:
> On Sun, 22 Mar 2020 12:36, Andrew Gallagher said:
>> On 22/03/2020 05:38, john doe wrote:
>>> Do you have enough entropy on the VM?
>>
>> Argh, thank you. I thought I had enough entropy because monkeysphere
>> created its trust root
On 22/03/2020 19:22, Wiktor Kwapisiewicz wrote:
> Actually newer GnuPG already has a lot of interesting options. For key
> signing automation the most interesting one is "--quick-sign-key" that
> can sign a given UID in a key given by fingerprint.
This will be very useful in the future, thanks.
On 22/03/2020 19:55, Werner Koch wrote:
> You might be better off using this:
...
> instead if the very brittle and CPU dependent haveged.
Thanks, Werner! That seems to work.
--
Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
On 22/03/2020 22:16, Vincent Breitmoser wrote:
> Have you seen openpgp-ca? It's an effort that sounds similar to what you are
> describing, based on sequoia-pgp.
That sounds very interesting, thank you!
A
--
Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
