Add info about haveged to gpg/randomness note (#8227)

2018-05-21 13:57:03 -07:00
parent 15634c20fe
commit e954686e5a
1 changed files with 18 additions and 3 deletions
--- a/lib/spack/docs/getting_started.rst
+++ b/lib/spack/docs/getting_started.rst
@@ -1064,9 +1064,12 @@ Secret keys may also be later exported using the
   Key creation speed
      The creation of a new GPG key requires generating a lot of random numbers.
      Depending on the entropy produced on your system, the entire process may
-      take a long time (even a few minutes). To speed it up you may install
-      tools like ``rngd``, which is usually available as a package in the host OS.
-      On e.g. an Ubuntu machine you need to give the following commands:
+      take a long time (*even appearing to hang*). Virtual machines and cloud
+      instances are particularly likely to display this behavior.
+
+      To speed it up you may install tools like ``rngd``, which is
+      usually available as a package in the host OS.  On e.g. an
+      Ubuntu machine you need to give the following commands:

      .. code-block:: console

@@ -1075,6 +1078,18 @@ Secret keys may also be later exported using the

      before generating the keys.

+      Another alternative is ``haveged``, which can be installed on
+      RHEL/CentOS machines as follows:
+
+      .. code-block:: console
+
+         $ sudo yum install haveged
+         $ sudo chkconfig haveged on
+
+      `This Digital Ocean tutorial
+      <https://www.digitalocean.com/community/tutorials/how-to-setup-additional-entropy-for-cloud-servers-using-haveged>`_
+      provides a good overview of sources of randomness.
+
 ^^^^^^^^^^^^
 Listing keys
 ^^^^^^^^^^^^