| 1 |
On Tue, Sep 4, 2012 at 3:40 PM, "Roland Häder" <r.haeder@×××.de> wrote: |
| 2 |
>> 1. Maybe it would be a good idea to use an ASCII-only random string, for |
| 3 |
>> example by piping it through `base64 -w 0`. That way you don't loose any |
| 4 |
>> entropy (the key just gets longer) but it is easier to type the keyfile |
| 5 |
>> manually, in case you ever need to. You also don't have to worry about |
| 6 |
>> odd behavior of password prompts anymore. |
| 7 |
> I think that is now to late for? I have already formated it and added ext4 on it plus installed some packages already (was a long way). |
| 8 |
> |
| 9 |
>> |
| 10 |
>> 2. You should `shred` key.out instead of `rm`. |
| 11 |
> That key file was on RAM disk, not on real. ;) |
| 12 |
|
| 13 |
So shred your swap partition. :P |
| 14 |
|
| 15 |
|
| 16 |
-- |
| 17 |
:wq |
Archives