In order to generate SECURE keys, dnssec-keygen reads /dev/random, which will block until there's enough entropy available on your system. Some systems have very little entropy and thus dnssec-keygen may take forever.
Possible solutions:
1. apt-get install haveged
haveged daemon supplies lots of entropy to /dev/random.
2. dnssec-keygen -r /dev/urandom
Will use "non-blocking" pseudo-random device (lower security).
3. Move mouse and tap on keyboard - kernel uses this as entropy source.
It is NOT a bug.
In order to generate SECURE keys, dnssec-keygen reads /dev/random, which will block until there's enough entropy available on your system. Some systems have very little entropy and thus dnssec-keygen may take forever.
Possible solutions:
1. apt-get install haveged
haveged daemon supplies lots of entropy to /dev/random.
2. dnssec-keygen -r /dev/urandom
Will use "non-blocking" pseudo-random device (lower security).
3. Move mouse and tap on keyboard - kernel uses this as entropy source.
4. Buy a hardware entropy device.