[gentoo-user] crypted key for dm-crypt

[gentoo-user] crypted key for dm-crypt

[Pupeno]

[-- Attachment #1: Type: text/plain, Size: 509 bytes --]

Hello.
Well, I have dm-crypt configured and running. It encrypts tha swap, a loopback 
for /tmp (with a random key), all this using the 
standard /etc/conf.d/cryptfs.
Now I'd like to encrypt my home with a key instad of a passphrase, place that 
key on my pen drive after etcrypting it with a key, my questions are:
- How do I generate the key ?
- How do I en/decrypt it ?
Any hints ?
Thanks.
-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] crypted key for dm-crypt

[Christian Hoenig]

[-- Attachment #1: Type: text/plain, Size: 885 bytes --]

Hi, 

> Well, I have dm-crypt configured and running. It encrypts tha swap, a
> loopback for /tmp (with a random key), all this using the
> standard /etc/conf.d/cryptfs.
> Now I'd like to encrypt my home with a key instad of a passphrase, place
> that key on my pen drive after etcrypting it with a key, my questions are:
> - How do I generate the key ?

I have restricted my key to printable letters. 
So an easy way to generate a key without uuencode or stuff is something like 
this:
	cat /dev/random |sed -e "s/[^a-zA-Z0-9]//g"


> - How do I en/decrypt it ?

Encrypt your just generated key? I thought you wanted to get rid of 
passphrases. 
You can use the key like it is to en/decrypt your data by just putting it on 
you pendrive and doing stuff with cryptsetup:

	cryptsetup -d <KEY-FILENAME> ...

HTH a little bit.

take care, have fun
/christian

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: [gentoo-user] crypted key for dm-crypt

[Pupeno]

[-- Attachment #1: Type: text/plain, Size: 1107 bytes --]

On Sunday 07 August 2005 04:39, Christian Hoenig wrote:
> Hi,
>
> > Well, I have dm-crypt configured and running. It encrypts tha swap, a
> > loopback for /tmp (with a random key), all this using the
> > standard /etc/conf.d/cryptfs.
> > Now I'd like to encrypt my home with a key instad of a passphrase, place
> > that key on my pen drive after etcrypting it with a key, my questions
> > are: - How do I generate the key ?
>
> I have restricted my key to printable letters.
> So an easy way to generate a key without uuencode or stuff is something
> like this:
> 	cat /dev/random |sed -e "s/[^a-zA-Z0-9]//g"
>
> > - How do I en/decrypt it ?
>
> Encrypt your just generated key? I thought you wanted to get rid of
> passphrases.
No, I wanted to get rid of having to recreate the whole filesystem to change 
the passphrase (with an encrypted key I only change the encripting 
passphrase).
Furthermore I'd have stronger encription because a dictionary attack would be 
harder.

-- 
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]