Hardware Reference
In-Depth Information
Generating entropy
If you decided to create a new key on the BBB, there are a few technicalities we must con-
sider. First of all, GPG will need a lot of random data to generate the keys. The amount of
random data available in the kernel is proportional to the amount of entropy that is avail-
able. You can check the available entropy with the following command:
cat /proc/sys/kernel/random/entropy_avail
If this command returns a relatively low number, under 200, then GPG will not have
enough entropy to generate a key. On a PC, one can increase the amount of entropy by in-
teracting with the computer such as typing on the keyboard or moving the mouse.
However, such sources of entropy are difficult for embedded systems, and in our current
setup, we don't have the luxury of moving a mouse.
Fortunately, there are a few tools to help us. If your BBB is running kernel version 3.13 or
later, we can use the hardware random number generator on the AM3358 to help us out.
You'll need to install the rng-tools package. Once installed, you can edit /etc/de-
fault/rng-tools and add the following line to register the hardware random number
generated for rng-tools :
HRNGDEVICE=/dev/hwrng
After this, you should start the rng-tools daemon with:
/etc/init.d/rng-tools start
If you don't have /dev/hwrng —and currently, the chips on the CryptoCape do not yet
have character device support and aren't available to /dev/hwrng —then you can install
haveged . This daemon implements the Hardware Volatile Entropy Gathering and Ex-
pansion ( HAVEGE ) algorithm, the details of which are available at http://www.irisa.fr/
caps/projects/hipsor/ . This daemon will ensure that the BBB maintains a pool of entropy,
which will be sufficient for generating a GPG key on the BBB.
Search WWH ::




Custom Search