[Saavedro]

It's snake oil -- entropy isn't "depleted" in any meaningful way; once your kernel PRNG has accumulated enough entropy that you'd be comfortable using it to generate a crypto key it is not going to cease being suitable for that just because you continue asking it for random numbers.

[pstrateman]

/dev/random is an entropy estimating entropy pool

that means it will block when it estimates that you have "used up" all of the available entropy

you can check how many bits of entropy your kernel thinks are available easily

cat /proc/sys/kernel/random/entropy_avail

edit: i should have mentioned that there is some reason to argue against this behaviour but that doesn't change the usefulness of haveged for existing systems

[jfindley]

Yes, but that's a reason not to use /dev/random, not a reason to install snake-oil products.

The random(4) manpage is unfortunately exceptionally misleading, and has sadly led to a small but non-zero numbers of products that try to use /dev/random rather than /dev/urandom.

Sadly, gpg --gen-key doesn't even give you this option - but that's (as noted above) another flaw in GPG.