我正在生成一些测试密钥,但似乎无法使用%no-protection和%transient-key标志。我收到以下消息:
$ cat dwight | gpg --homedir "dwight-keys" --gen-key --batch
gpg: keyring `dwight-keys/secring.gpg' created
gpg: keyring `dwight-keys/pubring.gpg' created
gpg: Generating a key for Dwight Schrute
gpg: skipping control `%no-protection' ()
gpg: skipping control `%transient-key' ()
Not enough random bytes available. Please do some other work to give
the OS a chance to collect more entropy! (Need 27 more bytes)
......+++++
错误消息指出%no-protection和%transient-key控件被跳过。您可以看到,这是因为密钥生成器正在尝试从中提取随机/dev/random字节如果我理解正确的话,%transient-key目的是防止。
这是我用来生成密钥的配置文件:
%echo Generating a key for Dwight Schrute
%no-protection
%transient-key
Key-Type: RSA
Key-Length: 4096
Subkey-Type: RSA
Subkey-Length: 4096
Name-Real: Dwight Schrute
Name-Email: [email protected]
Creation-Date: 2005-03-24
Expire-Date: 0
%commit
%echo Key generated
答案1
通过查看 GnuPG 来判断来源似乎%no-protection和%transient-key控件被添加到764e88d4df29204be6ea2206cf753c56ec0f5b5f,它仅在 2.1 分支上,而且我敢打赌你的 GnuPG 来自 2.0 分支。