When running gpg --gen-key on CentOS 6 servers, the process frequently hangs at the entropy collection phase. This occurs because:
- Modern GPG implementations rely on /dev/random, which blocks until sufficient entropy is available
- Headless servers lack physical user input (keyboard/mouse) to generate entropy
- Older CentOS 6 kernels have less sophisticated entropy gathering mechanisms
First verify your current entropy pool status:
cat /proc/sys/kernel/random/entropy_avail
# Typical output on a stuck system: 20-100 (needs 2000+ for GPG)
Check if rng-tools is installed:
rpm -qa | grep rng-tools
Solution 1: Install rng-tools (Recommended)
yum install rng-tools -y
service rngd start
chkconfig rngd on
Solution 2: Use Haveged as Alternative
yum install haveged -y
service haveged start
chkconfig haveged on
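Solution 3: Temporary Workaround
Force GPG to use /dev/urandom instead:
# Note: ">" overwrites any existing gpg.conf and gpg-agent.conf; back them up first
# Note: pinentry-mode is only recognised by GnuPG 2.1 and later; older releases reject it as an invalid option
echo "personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
use-agent
pinentry-mode loopback" > ~/.gnupg/gpg.conf
echo "random-seed-file /dev/urandom" > ~/.gnupg/gpg-agent.conf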
After implementing any solution, monitor entropy levels:
watch -n 1 cat /proc/sys/kernel/random/entropy_avail
Then retry GPG key generation:
gpg --gen-key
For production servers, consider this optimized configuration:
# /etc/sysconfig/rngd
EXTRAOPTIONS="-o /dev/random -r /dev/urandom -t 5 -T 10"
For systems requiring FIPS compliance:
yum install rng-tools-fips -y
fips-mode-setup --enable
When running gpg --gen-key on CentOS 6, many users encounter the process hanging indefinitely at the "gaining enough entropy" stage. This occurs because:
- CentOS 6 uses an older Linux kernel (2.6.32) with less sophisticated entropy collection
- Virtualized environments (common for servers) often lack physical entropy sources
- The default rngd service isn't always properly configured
Try these methods to generate entropy quickly:
# Method 1: Install and use rng-tools
yum install rng-tools -y
service rngd start
chkconfig rngd on
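# Method 2: Generate artificial entropy (temporary solution)
# Note: reading /dev/urandom does not add entropy to the pool; confirm any effect with entropy_avail
dd if=/dev/urandom of=/dev/null bs=1024 count=1024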
# Method 3: Alternative using haveged
yum install haveged -y
service haveged start
chkconfig haveged on
For production systems, configure a reliable entropy source:
# Edit rngd configuration
cat > /etc/sysconfig/rngd << EOF
EXTRAOPTIONS="--rng-device /dev/urandom"
EOF
# Restart the service
service rngd restart
# Verify available entropy
cat /proc/sys/kernel/random/entropy_avail
# Should show >1000 for smooth GPG operations
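The entropy check and the rngd settings above can be combined into a preflight run before key generation. This is an added example, not part of the original page: the function names, the ENTROPY_FILE and RNGD_CONF variables and the --check flag are hypothetical, and the default threshold of 1000 is the figure quoted above. It also flags an rngd that reads from /dev/urandom, because that setting credits the pool with the kernel's own generator output rather than an independent source.

```sh
#!/bin/sh
# Added example, not from the original page. Function names, the two
# environment variables and the --check flag are hypothetical.
ENTROPY_FILE="${ENTROPY_FILE:-/proc/sys/kernel/random/entropy_avail}"
RNGD_CONF="${RNGD_CONF:-/etc/sysconfig/rngd}"

# entropy_state FILE THRESHOLD: print "ok" or "low"; return 2 if unreadable.
entropy_state() {
    [ -r "$1" ] || return 2
    avail=$(tr -dc '0-9' < "$1")
    [ -n "$avail" ] || return 2
    if [ "$avail" -ge "$2" ]; then echo ok; else echo low; fi
}

# rngd_source FILE: print the device named by -r / --rng-device in
# EXTRAOPTIONS, or "default" when the file or the option is absent.
rngd_source() {
    [ -r "$1" ] || { echo default; return 0; }
    dev=$(sed -n -E \
        's/^[[:space:]]*EXTRAOPTIONS=.*(-r|--rng-device)[ =]+([^ "]+).*/\2/p' \
        "$1" | tail -n 1)
    echo "${dev:-default}"
}

# preflight ENTROPY_FILE RNGD_CONF THRESHOLD: one-line verdict.
# Returns 0 when key generation should not block, 1 when it will, 2 on error.
preflight() {
    state=$(entropy_state "$1" "$3") || { echo "UNKNOWN: cannot read $1"; return 2; }
    src=$(rngd_source "$2")
    if [ "$state" = low ]; then
        echo "WAIT: entropy_avail is below $3; gpg --gen-key will block"
        return 1
    fi
    if [ "$src" = /dev/urandom ]; then
        # rngd is crediting the pool with the kernel's own CSPRNG output.
        echo "WARN: pool is full, but rngd reads /dev/urandom, not an independent source"
        return 0
    fi
    echo "OK: entropy_avail is at least $3 (rngd source: $src)"
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--check" ]; then
    preflight "$ENTROPY_FILE" "$RNGD_CONF" "${2:-1000}"
fi
```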
The "can't connect to /root/.gnupg/S.gpg-agent" error can be resolved by:
# Start gpg-agent manually
gpg-agent --daemon --write-env-file ~/.gpg-agent-info
# Then source the environment and export it so gpg can find the agent
source ~/.gpg-agent-info
export GPG_AGENT_INFO
# Alternative: Add to bash profile
echo 'eval $(gpg-agent --daemon)' >> ~/.bash_profile
If still stuck, generate keys non-interactively:
cat > batch.txt << EOF
Key-Type: RSA
Key-Length: 2048
Subkey-Type: RSA
Subkey-Length: 2048
Name-Real: Your Name
Name-Email: your@email.com
Expire-Date: 0
%commit
EOF
gpg --batch --gen-key batch.txt
After successful generation, verify your keys:
gpg --list-keys
gpg --list-secret-keys
# Test encryption/decryption
echo "test message" | gpg --encrypt --armor -r your@email.com | gpg --decrypt