Thursday, November 1, 2012

gpg - Not enough random bytes available - Best Solution

After issuing the command
  gpg --gen-key

trying to generate a key pair using gpg I got the message:

Not enough random bytes available.  Please do some other work to give
the OS a chance to collect more entropy! (Need 280 more bytes)


After some search on web, I got different procedures, and I began testing them.

The one that really worked successfully was that using rng-tools.
A tutorial to set up rng-tools can be found at:

besides being the most practical solution.
The gpg command started working without failures, being stable.

I've create a summary with additional information for the alternative solutions which are described below just in case being useful someway.

Unfortunately, the alternative solutions using  ls / -R  or  find / > /dev/null  and the  --no-use-agent  flag were not always successful.
I've got some success but also failures, using the same environment and procedures. So far, for professional usage I've discarded, but they can be a valuable attempt if you have no rights to install packages on the target environment and need a temporary solution during an emergency.


Go to terminal and check your entropy:
  watch cat /proc/sys/kernel/random/entropy_avail

You're gonna get a real time feedback as an entropy number.
The biggest, the best.
Lower system activity, lower entropy number.

GPG requires high entropy.

Go to a second shell and start the following command:
  ls / -R

Let it running.

Return to the prior terminal - the entropy shall be increasing.

Still let ls command running.

Go to a third terminal to generate the key pair using this command:
   gpg --gen-key --no-use-agent

That's it. Done.

Why the --no-use-agent flag?

Checking man (man gpg), you see:

              Try to use the GnuPG-Agent.  With this option, GnuPG first tries
              to connect to the agent before it asks for a  passphrase.  --no-
              use-agent disables this option.

              Override    the    value    of    the    environment    variable
              'GPG_AGENT_INFO'’. This is only used when --use-agent  has  been
              given.   Given  that this option is not anymore used by gpg2, it
              should be avoided if possible.

Probably this issue is already fixed in newer versions.

If you need to generate more entropy, try this:

- using find command by other way:
- using stress tool from:
  suggested by:

If  this procedure still fails, there is also, an interesting procedure using rng-tools at:

To check you gpg version:
  gpg --version

The information compiled here was based on several posts, among them:

No comments:

Post a Comment

vue create fails to start project using npm run serve returning: Local: "http://[C:]:3000/"

>PROBLEM Following the instructions in Vue's documentation  after issuing the command: npm run service returns the following: Local: ...