| 1 |
Pupeno schrieb: |
| 2 |
> On Wednesday 27 July 2005 20:54, Luigi Pinna wrote: |
| 3 |
|
| 4 |
>> I use the dm-crypt from the kernel.... |
| 5 |
> I've read that it is unsecure |
| 6 |
|
| 7 |
Where? And how is it insecure? |
| 8 |
|
| 9 |
> Beyond that, encripting with a key is much better than doing that with a |
| 10 |
> passphrase because the passphrase can be cracked (dictionary attack) while |
| 11 |
> the key-encripted that can't. |
| 12 |
|
| 13 |
Bullocks. With enough time, "key-encrypted" stuff can be broken |
| 14 |
into as well. Brute forcing is (theoretically) *ALWAYS* possible. |
| 15 |
|
| 16 |
So, if you make the password "random" enough, there's no risk. A few |
| 17 |
hundred chars should be sufficient - since you can easily pipe the |
| 18 |
passphrase to cryptsetup (and thus don't need to type it in manually), |
| 19 |
that's not a real problem. |
| 20 |
|
| 21 |
Alexander Skwar |
| 22 |
-- |
| 23 |
Love is a grave mental disease. |
| 24 |
-- Plato |
| 25 |
-- |
| 26 |
gentoo-user@g.o mailing list |
Archives