diff --git a/setup/dns.sh b/setup/dns.sh
index e7a6cc82..44f6431c 100755
--- a/setup/dns.sh
+++ b/setup/dns.sh
@@ -78,7 +78,7 @@ FIRST=1 #NODOC
 for algo in RSASHA1-NSEC3-SHA1 RSASHA256; do
 if [ ! -f "$STORAGE_ROOT/dns/dnssec/$algo.conf" ]; then
 	if [ $FIRST == 1 ]; then
-		echo "Generating DNSSEC signing keys. This may take a few minutes..."
+		echo "Generating DNSSEC signing keys..."
 		FIRST=0 #NODOC
 	fi
 
@@ -89,16 +89,16 @@ if [ ! -f "$STORAGE_ROOT/dns/dnssec/$algo.conf" ]; then
 	# `ldns-keygen` outputs the new key's filename to stdout, which
 	# we're capturing into the `KSK` variable.
 	#
-	# ldns-keygen uses /dev/random for generating random numbers. See the
-	# notes in ssl.sh about how /dev/urandom is seeded, which probably also
-	# applies here, but also /dev/random is seeded by the haveged daemon.
-	KSK=$(umask 077; cd $STORAGE_ROOT/dns/dnssec; ldns-keygen -a $algo -b 2048 -k _domain_);
+	# ldns-keygen uses /dev/random for generating random numbers by default.
+	# This is slow and unecessary if we ensure /dev/urandom is seeded properly,
+	# so we use /dev/urandom. See system.sh for an explanation. See #596, #115.
+	KSK=$(umask 077; cd $STORAGE_ROOT/dns/dnssec; ldns-keygen -r /dev/urandom -a $algo -b 2048 -k _domain_);
 
 	# Now create a Zone-Signing Key (ZSK) which is expected to be
 	# rotated more often than a KSK, although we have no plans to
 	# rotate it (and doing so would be difficult to do without
 	# disturbing DNS availability.) Omit `-k` and use a shorter key length.
-	ZSK=$(umask 077; cd $STORAGE_ROOT/dns/dnssec; ldns-keygen -a $algo -b 1024 _domain_);
+	ZSK=$(umask 077; cd $STORAGE_ROOT/dns/dnssec; ldns-keygen -r /dev/urandom -a $algo -b 1024 _domain_);
 
 	# These generate two sets of files like:
 	#
diff --git a/setup/system.sh b/setup/system.sh
index a97c4f77..fe055c3b 100755
--- a/setup/system.sh
+++ b/setup/system.sh
@@ -63,6 +63,7 @@ apt_install python3 python3-dev python3-pip \
 # encryption keys and passwords:
 #
 # * TLS private key (see `ssl.sh`, which calls `openssl genrsa`)
+# * DNSSEC signing keys (see `dns.sh`)
 # * our management server's API key (via Python's os.urandom method)
 #
 # Why /dev/urandom? It's the same as /dev/random, except that it doesn't wait