1 |
Pupeno schrieb: |
2 |
> On Wednesday 27 July 2005 20:54, Luigi Pinna wrote: |
3 |
|
4 |
>> I use the dm-crypt from the kernel.... |
5 |
> I've read that it is unsecure |
6 |
|
7 |
Where? And how is it insecure? |
8 |
|
9 |
> Beyond that, encripting with a key is much better than doing that with a |
10 |
> passphrase because the passphrase can be cracked (dictionary attack) while |
11 |
> the key-encripted that can't. |
12 |
|
13 |
Bullocks. With enough time, "key-encrypted" stuff can be broken |
14 |
into as well. Brute forcing is (theoretically) *ALWAYS* possible. |
15 |
|
16 |
So, if you make the password "random" enough, there's no risk. A few |
17 |
hundred chars should be sufficient - since you can easily pipe the |
18 |
passphrase to cryptsetup (and thus don't need to type it in manually), |
19 |
that's not a real problem. |
20 |
|
21 |
Alexander Skwar |
22 |
-- |
23 |
Love is a grave mental disease. |
24 |
-- Plato |
25 |
-- |
26 |
gentoo-user@g.o mailing list |