Re: dnssec-keygen is waiting endless...

Hello Evan,

Am 2010-05-28 18:33:14, hacktest Du folgendes herunter:
Operating System is "Debian GNU/Linux 5.0 Lenny" with bind9 in version
1:9.7.0.dfsg.P1-1~bpo50+1

I get the same problem on Ubuntu, which is Debian-based. /dev/random
runs out of entropy rapidly and takes a long time to recover.

I have tries it on Debian Etch, Lenny and Sid with the same result... On
all three machines I have touse "-r /dev/urandom" which is realy weird.

Using "dnssec-keygen -r /dev/urandom" will make it finish much
faster, but that uses a pseudo-random number generator instead of true
randomness, so it's not the best choice from the paranoid crypto viewpoint.
I often use it for test zones and such. If I needed a proper bulletproof
key on an Ubuntu box, and I didn't want to wait a long time for it, I'd
probably generate the key on some other system and copy it over.

:-) I have 38.000 Zones and on my "AMD Sempron 2200+" with 3 GByte of
memory it take arround 40 Second to create ONE signed zone fro a script.

This mean, if I want to sign 38.000 zones it will run 18 days...

Thanks, Greetings and nice Day/Evening
Michelle Konzack

--
##################### Debian GNU/Linux Consultant ######################
Development of Intranet and Embedded Systems with Debian GNU/Linux

itsystems@tdnet France EURL itsystems@tdnet UG (limited liability)
Owner Michelle Konzack Owner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France 77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

<http://www.itsystems.tamay-dogan.net/> <http://www.flexray4linux.org/>
<http://www.debian.tamay-dogan.net/> <http://www.can4linux.org/>

Jabber linux4michelle@xxxxxxxxxxxxx
ICQ #328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/

Attachment: signature.pgp
Description: Digital signature

Relevant Pages

  • Re: debian and ubuntu - answer from user not pretending to be guru
    ... are there situations where debian is preferable? ... are there situations where ubuntu is preferable (eg picking up newer ... Before people start criticising that preference, it it my preference, and, it is up to each individual, to choose the person's preference, for whatever reasons that person makes the choice. ... When we initially installed Debian 3.1 on that laptop, which was purchased with Windows XP installed, we had to use Mandriva to repartion it partitioning utility), then install Ubuntu on it, then unistall Ubuntu and install Debian, as the wireless network card had an interrupt conflict with the wired network card, and it was a problem that was automatically resolved with Ubuntu, whereas Debian simply would not work with it. ...
    (Debian-User)
  • Re: Sugestions for New Releases of Debian
    ... I have slowly got used to Ubuntu, being a Linuxer for the last two ... Ubuntu is a specific instance of the much more general Debian system, ... That software be developed to make a "Remaster" type backup on ... worth going to a virtual installation. ...
    (Debian-User)
  • Re: Linux & MSI K8N Neo2 Platinum (nForce3 Ultra) questions...
    ... I will try Ubuntu, ... So be prepared to use Mandrake x86_64 ... go with MEPIS instead of Ubuntu, or maybe even just use Debian ... I should have asked Deb vs Rpm I guess? ...
    (alt.linux)
  • Re: how many users is enough?
    ... Without Debian there would be no successful Ubuntu, ... to install distro, and at that time I thought I was good with computers. ... dependencies on all major XFCE4 components. ...
    (Debian-User)
  • Re: Does Debian = Ubuntu?
    ... Is Ubuntu just Debian but with a prettier look to it? ... one of their developers said to me "If we ... of complexity or being willing to support your choices. ...
    (Debian-User)