dnssec-keygen just hangs on Three Different FreeBSD Systems.

[phn at icke-reklam.ipsec.nu]

Martin McCormick <martin at dc.cis.okstate.edu> wrote:
> 	Thank you for the information.  I successfully got the
> systems in question listening to the interrupts and a couple of
> them I have tried now output some data if I cat /dev/random |more
> or in to a file, but dnssec-keygen still only sits there doing
> nothing if I run it.

> 	So far, I added the interrupts to rndcontrol which
> verifies that they are being used.  I also added

>         rand_irqs="3 14 15"

> As recommended and booted one of the systems and, yes, they were
> still there.  Am I missing anything else?

Just guessing: could the configure / build process have decided that
your system lack /dev/random ?

config.status contains ( on one of my boxes ) :
config.status:${ac_dA}PATH_RANDOMDEV${ac_dB}PATH_RANDOMDEV${ac_dC}"/dev/srandom"${ac_dD}
config.status:${ac_uA}PATH_RANDOMDEV${ac_uB}PATH_RANDOMDEV${ac_uC}"/dev/srandom"${ac_uD}
config.status:${ac_eA}PATH_RANDOMDEV${ac_eB}PATH_RANDOMDEV${ac_eC}"/dev/srandom"

Maybe a reconfig/rebuild is needed ?





> 	There is no t.conf on this system in /etc/defaults.  I
> suspect the seed is still not present.  On one system, only a
> byte or 2 emerged when I performed the cat /dev/random >somefile.
> This is after over twelve hours of supposedly catching entropy.:-)

on my system :
> dd if=/dev/random of=/dev/null
1+0 records in
1+0 records out
512 bytes transferred in 0.000375 secs (1365649 bytes/sec)

And after a minute :
> dd if=/dev/random of=/dev/null
0+1 records in
0+1 records out
128 bytes transferred in 0.000191 secs (670251 bytes/sec)


In /etc/rc.conf i have : 
rand_irqs="11 14"               # Stir the entropy pool (like "5 11" or NO).


-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.