I should have read the blog post you linked to before posting the comment. There are no factual errors in the blog post to my knowledge (I'm no professional cryptographer, just an enthusiast who took a couple formal courses and tinkered a bit), and the argument is compelling.
My previous comment actually looks silly now, since I talk of "good" random data that the post disputes. But I stand my ground that using /dev/urandom for serious business like GPG keys is a bad idea. /dev/random providess a better guarantee than /dev/urandom regarding the randomness of data you extract, and many including me are not happy to give up this guarantee. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/706011 Title: gpg --key-gen doesn't have enough entropy and rng-tools install/start fails To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/706011/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
