Date: Thu, 6 Aug 2009 12:02:09 +0200 From: cpghost <cpghost@cordula.ws> To: Modulok <modulok@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Secure password generation...blasphemy! Message-ID: <20090806100209.GA42719@phenom.cordula.ws> In-Reply-To: <64c038660908040939o349b7b16o6659d5f5f2eb65fb@mail.gmail.com> References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> <20090804075221.GA3909@slackbox.xs4all.nl> <20090804081841.GC74277@mech-cluster241.men.bris.ac.uk> <4A77F20F.5060500@boosten.org> <64c038660908040936m7872c211y2897990508ee8316@mail.gmail.com> <64c038660908040938m6b195216kb18edc17add0e5ba@mail.gmail.com> <64c038660908040939o349b7b16o6659d5f5f2eb65fb@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 04, 2009 at 10:39:38AM -0600, Modulok wrote: > But I'm also looking for a good way to generate high quality crypto > keys. In the later case, the data being protected are disk images of > clients...mountains of sensitive data. These will be on USB > keys, and thus do not need to be memorized. Assuming my clients are > not enemies of a state, /dev/random should be a sufficient source for > this purpose, correct? i.e: > > dd if=/dev/random of=foo.key bs=256 count=1 It should be "good enough"... but you need to do so reading on non-linear key spaces first. Depending on the symmetric cipher, not all keys are equally strong; and if you're unlucky, you may catch one of those "bad keys" through /dev/random. However, this is a fairly advanced crypto topic. > Thanks guys! > -Modulok- -cpghost. -- Cordula's Web. http://www.cordula.ws/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090806100209.GA42719>