Somewhat off-topic, but I've noticed that ssh-keygen is much faster at generating key pairs than GnuPG, due to the latter wanting more "proper" entropy.
Does that mean that GnuPG is overly paranoid? Or ssh-keygen's keys potentially insecure? (I really hope not). There must be some good explanation for this huge speed difference.
The difference must be urandom vs random. You'll find a lot of words spent arguing the misinformed vs the enlightened if you look for those terms, on HN or elsewhere. I'm in the urandom camp and think that's the only thing that makes sense, on the condition that it blocks/errors until seeded properly once. In my opinion that amounts to saying that gpg is misinformedly paranoid, and that if ssh-keygen had been insecure it would have been fixed long ago. But do read up and form your own opinion.
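The "blocks/errors until seeded properly once" condition from the reply above is what the Linux getrandom(2) syscall provides. The sketch below is an added example, not part of the original comments and not code from ssh-keygen or GnuPG; the function names `pool_is_seeded` and `seeded_bytes` are hypothetical, and it assumes Linux with Python 3.6 or later.

```python
import os


def pool_is_seeded():
    """True once the kernel CSPRNG (the pool behind /dev/urandom) is initialised."""
    try:
        # GRND_NONBLOCK: fail with EAGAIN instead of waiting for the first seed.
        os.getrandom(1, os.GRND_NONBLOCK)
        return True
    except BlockingIOError:
        return False


def seeded_bytes(n, wait=True):
    """Return n bytes of key material from the kernel CSPRNG.

    Before the pool has been seeded once: block (wait=True) or raise
    (wait=False). After that first seeding the call never blocks again.
    """
    out = b""
    try:
        out = os.getrandom(n, os.GRND_NONBLOCK)
    except BlockingIOError:
        if not wait:
            raise RuntimeError("kernel CSPRNG not seeded yet") from None
    # flags=0 waits for the initial seed only; the loop covers short reads,
    # which getrandom(2) may return for large requests.
    while len(out) < n:
        out += os.getrandom(n - len(out))
    return out


if __name__ == "__main__":
    print("pool seeded:", pool_is_seeded())
    print("32-byte seed:", seeded_bytes(32, wait=False).hex())
```

On a machine that has finished booting, both calls return immediately; the error path matters for early-boot key generation on freshly provisioned or embedded systems.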