Description of problem: Running the command hangs while trying to generate *any* key. Version-Release number of selected component (if applicable): Version: 9.5.0-P1 bind-9.5.0-33.P1.fc9.i386 How reproducible: 100% Steps to Reproduce: 1. dnssec-keygen -f KSK -a RSASHA1 -b 512 -n ZONE example.org. 2. 3. Actual results: hang Expected results: a generated key is produced. Additional info: tail of strace dnssec-keygen -f KSK -a RSASHA1 -b 512 -n ZONE example.org. .... futex(0x323a64dce4, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/share/locale/en_US.UTF-8/libdns.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libdns.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/libdns.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/libdns.cat", O_RDONLY) = -1 ENOENT (No such file or directory) futex(0x323bb4a548, FUTEX_WAKE_PRIVATE, 2147483647) = 0 open("/usr/share/locale/en_US.UTF-8/libisc.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libisc.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/libisc.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/libisc.cat", O_RDONLY) = -1 ENOENT (No such file or directory) futex(0x323a64dc90, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x323a64dd60, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x323bb4a5bc, FUTEX_WAKE_PRIVATE, 2147483647) = 0 mmap(NULL, 266240, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f85cb00f000 stat("/dev/random", {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 8), ...}) = 0 open("/dev/random", O_RDONLY|O_NONBLOCK) = 3 fcntl(3, F_GETFL) = 0x8800 (flags O_RDONLY|O_NONBLOCK|O_LARGEFILE) fcntl(3, F_SETFL, O_RDONLY|O_NONBLOCK|O_LARGEFILE) = 0 open("/usr/share/locale/en_US.UTF-8/libdst.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libdst.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/libdst.cat", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/share/locale/en/LC_MESSAGES/libdst.cat", O_RDONLY) = -1 ENOENT (No such file or directory) futex(0x323bb4ae00, FUTEX_WAKE_PRIVATE, 2147483647) = 0 futex(0x323bb4ae04, FUTEX_WAKE_PRIVATE, 2147483647) = 0 read(3, "\316\312<\32\235\23\273\347\301z\323\305\fE\323W` \221l\3\377\3070TL\220\377\313r\217b", 32) = 32 read(3, "i(Fay>\265$\377\212\374\312\301\266sb\1\231\212\273\310\264", 22) = 22 read(3, "i%\321\31\301\205\300u\33\241\353\256", 12) = 12 read(3, "\356\270\267\277\340\353\332^k\355", 10) = 10 read(3, "\"z\254\24\337\273c\266\260/\334R/\2046TY\222?\361\0003\346\rF1rq2\323\262V"..., 40) = 40 read(3, "\245\262\341>\301\222\227k\232\255\321\23\244\4\35\273\277\205\311\22\374C+\321\337R\352Q\305\1\274\206"..., 40) = 40 read(3, "q\7\f\373\320-kf\36\230\345t\252\t<\316ps\271\311\317\303#\300\374%X=$`\335\207"..., 40) = 40 read(3, "\257\333\232SkKe\375|X\336\260J\306;\242b|,|c\226~\'\264\210\254*\274I\331\343", 32) = 32 read(3, "!\307\261\314t\372M\22\350\275T\200O\225%\222\326\320\273\211\'\214", 22) = 22 read(3, "\362=\224Q\324N\226t\301\273.\265", 12) = 12 read(3, "4;yj\275\324N\330?\301", 10) = 10 read(3, "\334\227IhS\314\215,r\226F#\216\301\275\247\7\177Y\343x\262Ao\346\323\3121\276\357So", 32) = 32 read(3, "\354$\24$\271uXUiO\364+\271\35D\204>\371\236\361\317p", 22) = 22 read(3, "\370`:l4\367\35\305;\1\264;", 12) = 12 read(3, "H\5:N-Z\277V\215\301", 10) = 10 read(3, "=&\326\376\340\235\\@$\230\316\201 #\267&y\357\342\2534\347l\256\3135{\316\377bg\356", 32) = 32 read(3, "\356\270\3162\221\2372P\207\370/#\7\2\321\375@\177,j\253\246", 22) = 22 read(3, "\202_;\324\311\303\21\305\374\345\240\241", 12) = 12 read(3, "Eq\0~(\3601\374d+", 10) = 10 read(3, 0x7fffd3074040, 32) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 22) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 12) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 10) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 32) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 22) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 12) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 10) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 32) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 22) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 12) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 10) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074fe0, 40) = -1 EAGAIN (Resource temporarily unavailable) read(3, 0x7fffd3074040, 32) = -1 EAGAIN (Resource temporarily unavailable) select(4, [3], [], NULL, NULL) = 1 (in [3]) read(3, "\22\305\246\204r\25\377$\253", 32) = 9 read(3, 0x7fffd3074040, 23) = -1 EAGAIN (Resource temporarily unavailable) select(4, [3], [], NULL, NULL .... ad infinitum No avc denials.
It looks that your system doesn't have enough entropy. Would it be possible tell me what happen if you add "-r /dev/urandom" parameter, please? Make sure that keys generated from /dev/urandom are weaker than keys from /dev/random.
As written in comment #1, closing. I'm pretty sure that your machine doesn't have enough entropy.