haaveged + gpg --sign fails with "signing failed: Operation cancelled"
Doug Barton
dougb at dougbarton.email
Wed Mar 29 07:44:26 CEST 2017
That's not how you use haveged. It is supposed to start when the system
boots, and run in the background, collecting entropy to seed the PRNG.
That said, if you are using a card for signing that's way more likely to
be involved in the problems you're seeing. Try creating a key on the
file system, and test using that first. If that works, then you've
narrowed down your problems.
Doug
On 03/22/2017 11:33 PM, Rainer Hoerbe wrote:
> Just for the record: Adding entropy using haveged does not work in my setup - it will cause the signature to fail without useful error message.
>
> My setup is:
> Linux keymgmt 4.9.14-200.fc25.x86_64 #1 SMP Mon Mar 13 19:26:40 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
> gpg (GnuPG) 2.0.22
> libgcrypt 1.5.3
>
> The procedure that repeatedly fails when including haveged:
> sudo /usr/sbin/pcscd
> sudo /usr/sbin/haveged
> gpg2 --import my_pub.gpg
> gpg2 --card-status
> echo -e "trust\n5\ny" > /tmp/gpg_editkey.cmd
> gpg2 --command-file /tmp/gpg_editkey.cmd --edit-key
> gpg2 --sign mydoc.txt
>
> Regards,
> Rainer Hörbe
> Identinetics GmbH
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
More information about the Gnupg-users
mailing list