From owner-freebsd-questions@FreeBSD.ORG Mon Oct 25 10:39:04 2010
Date: Mon, 25 Oct 2010 11:38:58 +0100
From: RW
To: freebsd-questions@freebsd.org
Message-ID: <20101025113858.66b5a3e7@gumby.homeunix.com>
In-Reply-To: <20101025030711.GA84564@admin.sibptus.tomsk.ru>
References: <20101024101457.GA72426@admin.sibptus.tomsk.ru> <20101024123238.34c4344a@gumby.homeunix.com> <20101025030711.GA84564@admin.sibptus.tomsk.ru>
X-Mailer: Claws Mail 3.7.6 (GTK+ 2.20.1; i386-portbld-freebsd8.1)
Subject: Re: geli keys

On Mon, 25 Oct 2010 10:07:11 +0700
Victor Sudakov wrote:

> RW wrote:
> >
> > > The geli(8) man page suggests initializing a geli provider with a
> > > random keyfile (geli init -K). It also asks for a passphrase by
> > > default.
> > >
> > > What happens if a provider is initialized without the -K option,
> > > just with a passphrase? Will there be no encryption? Encryption
> > > will be weaker?
> >
> > You can use either or both, they get combined.
>
> I see.
>
> > It's hard to remember a passphrase that contains 256 bits of
> > entropy, OTOH a passfile might get stolen, so some people will want
> > to use both.
>
> Why does the geli(8) man page always use a 64B long keyfile as an
> example? Why 64 bytes and not 128 or 1024 or whatever?

IIRC geli allows for up to 512-bit key sizes - although there are no 512-bit
ciphers at the moment. Keyfiles with more than 512 bits of entropy are no
better. Actually a single write from /dev/random is unlikely to contain much
more than 256 bits of entropy anyway.

> What if I use a well randomized keyfile and a weak passphrase, will
> the master key be weaker?

The keyfile and passphrase are used to encrypt the master key. As long as a
strong keyfile is secure the passphrase strength is irrelevant, but if an
attacker has the file then the passphrase may be brute-forced. Geli's use of
PKCS #5 and salting provides some protection against this.
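The thread's points (keyfile and passphrase are combined into one key that encrypts the master key, the passphrase is stretched with PKCS #5 and a salt, and a keyfile longer than the cipher's maximum key size adds nothing) are illustrated below with a small constructed model. This is an added example, not geli's own code or its actual key-derivation layout: the way the two inputs are folded together (PBKDF2-HMAC-SHA512 on the passphrase, then HMAC-SHA512 keyed by the keyfile), the iteration count, the XOR-plus-MAC wrapping of the master key, and the sample passphrases are all assumptions chosen to make the mechanism visible.

```python
"""Toy model of protecting a master key with a keyfile and/or passphrase.

Constructed illustration of the ideas discussed in the thread; it is not
geli's implementation and the exact combining scheme is an assumption.
"""
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000   # assumed work factor; geli chooses its own
MASTER_KEY_LEN = 64           # 512 bits, the largest key size the reply mentions


def make_keyfile(nbytes: int = 64) -> bytes:
    """Random keyfile of nbytes; 64 bytes is already well past 256 bits of entropy."""
    return os.urandom(nbytes)


def derive_kek(passphrase: bytes, keyfile: bytes, salt: bytes,
               iterations: int = PBKDF2_ITERATIONS) -> bytes:
    """Derive the key-encryption key from a passphrase, a keyfile, or both.

    The passphrase is stretched with PBKDF2-HMAC-SHA512 (PKCS #5 v2) under a
    per-provider salt, so each offline guess costs `iterations` hash rounds
    and precomputed tables do not transfer between providers.  The keyfile
    then keys an HMAC over the stretched passphrase.  Without the keyfile an
    attacker cannot reproduce the KEK no matter how many passphrases are
    tried; with it, only the passphrase's strength and the PBKDF2 cost remain.
    The output is fixed at 64 bytes, which is why a keyfile carrying more than
    512 bits of entropy cannot make the result any stronger.
    """
    if not passphrase and not keyfile:
        raise ValueError("need a passphrase, a keyfile, or both")
    stretched = (hashlib.pbkdf2_hmac("sha512", passphrase, salt, iterations)
                 if passphrase else b"")
    return hmac.new(keyfile, stretched, hashlib.sha512).digest()


def wrap_master_key(master_key: bytes, kek: bytes) -> bytes:
    """Encrypt the master key under the KEK (XOR pad) and append an integrity tag."""
    assert len(master_key) == MASTER_KEY_LEN == len(kek)
    ciphertext = bytes(m ^ k for m, k in zip(master_key, kek))
    tag = hmac.new(kek, ciphertext, hashlib.sha256).digest()
    return ciphertext + tag


def unwrap_master_key(blob: bytes, kek: bytes):
    """Return the master key, or None if the KEK is wrong (tag mismatch)."""
    ciphertext, tag = blob[:MASTER_KEY_LEN], blob[MASTER_KEY_LEN:]
    expected = hmac.new(kek, ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(c ^ k for c, k in zip(ciphertext, kek))


def demo() -> dict:
    """Exercise the model with a strong keyfile and a deliberately weak passphrase."""
    salt = os.urandom(32)                 # stored in the clear with the provider
    master_key = os.urandom(MASTER_KEY_LEN)
    keyfile = make_keyfile(64)
    weak_passphrase = b"hunter2"          # constructed sample value
    blob = wrap_master_key(master_key, derive_kek(weak_passphrase, keyfile, salt))
    return {
        # Correct keyfile + passphrase recovers the master key.
        "correct": unwrap_master_key(blob, derive_kek(weak_passphrase, keyfile, salt)) == master_key,
        # Same keyfile, wrong passphrase: rejected.
        "wrong_passphrase": unwrap_master_key(blob, derive_kek(b"hunter3", keyfile, salt)) is None,
        # Right passphrase but no keyfile: rejected, the keyfile carries the strength.
        "missing_keyfile": unwrap_master_key(blob, derive_kek(weak_passphrase, b"", salt)) is None,
        # A 1024-byte keyfile yields a KEK no longer than a 64-byte one does.
        "kek_len_64B_keyfile": len(derive_kek(weak_passphrase, keyfile, salt)),
        "kek_len_1024B_keyfile": len(derive_kek(weak_passphrase, make_keyfile(1024), salt)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `demo()` results show the two regimes from the reply side by side: while the keyfile stays private, the weak passphrase changes nothing an attacker can exploit, and once the keyfile is assumed lost, the salted, iterated PBKDF2 step is the only thing slowing a passphrase guess.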