While trying to reproduce a reported issue with ChatSecure's OTR negotiation with Pidgin I discovered an apparently long standing key generation bug preventing the use of pidgin-otr on Ubuntu.
Steps to reproduce:
1) Install Ubuntu 13.10 64-bit in VMware Fusion 5.0.3 w/ VMware Tools for Linux on Mac OS 10.9 (Mavericks)
2) Install Pidgin 2.10.7 and pidgin-otr 4.0.0 through Ubuntu Software Center
3) Attempt to generate a private key for any account
It looks like this is a long standing bug in Debian/Ubuntu that may be related to libgcrypt's key generation routines getting blocked on reads from /dev/random or /dev/urandom.
Here are a collection of issues I found documenting this bug:
Ah okay that makes sense, I guess it wouldn't be as big of a deal on a real
machine. Is there any way to indicate to the user that it is blocking
on user input and to increase entropy by hitting random keys?
For what it's worth the Windows version in another VMware instance didn't
have any trouble generating the key.
Also, are there any good strategies for users to prevent bias while warming
up the PRNG?
On Thursday, November 28, 2013, Ian Goldberg wrote:
Yes, it's because there's not enough entropy in your vm's /dev/random.
There's really not anything pidgin-otr can do about that.
While trying to reproduce a reported issue with ChatSecure's OTR negotiation with Pidgin I discovered an apparently long standing key generation bug preventing the use of pidgin-otr on Ubuntu.
Steps to reproduce:
1) Install Ubuntu 13.10 64-bit in VMware Fusion 5.0.3 w/ VMware Tools for Linux on Mac OS 10.9 (Mavericks)
2) Install Pidgin 2.10.7 and pidgin-otr 4.0.0 through Ubuntu Software Center
3) Attempt to generate a private key for any account
It looks like this is a long standing bug in Debian/Ubuntu that may be related to libgcrypt's key generation routines getting blocked on reads from /dev/random or /dev/urandom.
Here are a collection of issues I found documenting this bug:
1) https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/303862
2) https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/303866
3) https://bugs.launchpad.net/ubuntu/+source/pidgin-otr/+bug/240640
4) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489523 (it looks like there is a lengthy discussion from 2008 there where Ian discusses asynchronous key generation)
So I've found you can work around the issue by mashing on the keyboard for about 1-2 minutes.
Yes, it's because there's not enough entropy in your vm's /dev/random. There's really not anything pidgin-otr can do about that.
Ah okay that makes sense, I guess it wouldn't be as big of a deal on a real
machine. Is there any way to indicate to the user that it is blocking
on user input and to increase entropy by hitting random keys?
For what it's worth the Windows version in another VMware instance didn't
have any trouble generating the key.
Also, are there any good strategies for users to prevent bias while warming
up the PRNG?
On Thursday, November 28, 2013, Ian Goldberg wrote:
Related
Bugs: #22
I wanted to share that as another workaround, you can install haveged. This instantly solved the problem for me.
https://packages.debian.org/jessie/haveged