* [gentoo-user] crypted key for dm-crypt
@ 2005-08-07 6:52 Pupeno
2005-08-07 7:39 ` Christian Hoenig
0 siblings, 1 reply; 3+ messages in thread
From: Pupeno @ 2005-08-07 6:52 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 509 bytes --]
Hello.
Well, I have dm-crypt configured and running. It encrypts tha swap, a loopback
for /tmp (with a random key), all this using the
standard /etc/conf.d/cryptfs.
Now I'd like to encrypt my home with a key instad of a passphrase, place that
key on my pen drive after etcrypting it with a key, my questions are:
- How do I generate the key ?
- How do I en/decrypt it ?
Any hints ?
Thanks.
--
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [gentoo-user] crypted key for dm-crypt
2005-08-07 6:52 [gentoo-user] crypted key for dm-crypt Pupeno
@ 2005-08-07 7:39 ` Christian Hoenig
2005-08-08 17:34 ` Pupeno
0 siblings, 1 reply; 3+ messages in thread
From: Christian Hoenig @ 2005-08-07 7:39 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 885 bytes --]
Hi,
> Well, I have dm-crypt configured and running. It encrypts tha swap, a
> loopback for /tmp (with a random key), all this using the
> standard /etc/conf.d/cryptfs.
> Now I'd like to encrypt my home with a key instad of a passphrase, place
> that key on my pen drive after etcrypting it with a key, my questions are:
> - How do I generate the key ?
I have restricted my key to printable letters.
So an easy way to generate a key without uuencode or stuff is something like
this:
cat /dev/random |sed -e "s/[^a-zA-Z0-9]//g"
> - How do I en/decrypt it ?
Encrypt your just generated key? I thought you wanted to get rid of
passphrases.
You can use the key like it is to en/decrypt your data by just putting it on
you pendrive and doing stuff with cryptsetup:
cryptsetup -d <KEY-FILENAME> ...
HTH a little bit.
take care, have fun
/christian
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [gentoo-user] crypted key for dm-crypt
2005-08-07 7:39 ` Christian Hoenig
@ 2005-08-08 17:34 ` Pupeno
0 siblings, 0 replies; 3+ messages in thread
From: Pupeno @ 2005-08-08 17:34 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 1107 bytes --]
On Sunday 07 August 2005 04:39, Christian Hoenig wrote:
> Hi,
>
> > Well, I have dm-crypt configured and running. It encrypts tha swap, a
> > loopback for /tmp (with a random key), all this using the
> > standard /etc/conf.d/cryptfs.
> > Now I'd like to encrypt my home with a key instad of a passphrase, place
> > that key on my pen drive after etcrypting it with a key, my questions
> > are: - How do I generate the key ?
>
> I have restricted my key to printable letters.
> So an easy way to generate a key without uuencode or stuff is something
> like this:
> cat /dev/random |sed -e "s/[^a-zA-Z0-9]//g"
>
> > - How do I en/decrypt it ?
>
> Encrypt your just generated key? I thought you wanted to get rid of
> passphrases.
No, I wanted to get rid of having to recreate the whole filesystem to change
the passphrase (with an encrypted key I only change the encripting
passphrase).
Furthermore I'd have stronger encription because a dictionary attack would be
harder.
--
Pupeno <pupeno@pupeno.com> (http://pupeno.com)
Reading ? Science Fiction ? http://sfreaders.com.ar
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-08-08 17:40 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-08-07 6:52 [gentoo-user] crypted key for dm-crypt Pupeno
2005-08-07 7:39 ` Christian Hoenig
2005-08-08 17:34 ` Pupeno
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox