sbuild-update --keygen unnecessarily requires high quality entropy
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sbuild (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
For a fresh user or throwaway VM:
sbuild-update --keygen
hostname: Name or service not known
Generating archive key.
gpg: keyblock resource `/home/
gpg: keyblock resource `/home/
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 274 more bytes)
It's fine for a one-off on my own machine, but as I do things on throwaway VMs more often, this gets more irritating. I keep forgetting to apply my workaround, cancelling on this prompt and going round again. Or copying a pre-generated key over. I don't expect this to be necessary since sbuild is by definition sandbox. I'm not sure why this workaround is needed but would sources.list's [trusted=yes] work here? In any case this internal implementation detail of sbuild shouldn't need to be exposed to the user.
Workaround: replace /dev/random with a symlink to /dev/urandom instead (which is fine and safe on a throwaway VM where I won't be doing anything important).
