From owner-freebsd-geom@FreeBSD.ORG  Fri Dec 28 12:59:28 2012
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 090D9BDE
 for <freebsd-geom@freebsd.org>; Fri, 28 Dec 2012 12:59:28 +0000 (UTC)
 (envelope-from pawel@dawidek.net)
Received: from mail.dawidek.net (garage.dawidek.net [91.121.88.72])
 by mx1.freebsd.org (Postfix) with ESMTP id BAA878FC17
 for <freebsd-geom@freebsd.org>; Fri, 28 Dec 2012 12:59:27 +0000 (UTC)
Received: from localhost (89-73-195-149.dynamic.chello.pl [89.73.195.149])
 by mail.dawidek.net (Postfix) with ESMTPSA id 04028BCD;
 Fri, 28 Dec 2012 13:57:11 +0100 (CET)
Date: Fri, 28 Dec 2012 13:59:32 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: =?utf-8?B?0JHQu9C+0LPQtdGA?= <bloger@ngs.ru>
Subject: Re: keyfile on another HDD.
Message-ID: <20121228125931.GB5028@garage.freebsd.pl>
References: <VYf743db33az97Qyp04k05A8@ngs.ru>
 <CAHsZcQF8SYZ16Ztn1MZkpTKF4HST0fLoCsOUJB0BOVAfLRSHQQ@mail.gmail.com>
 <28wriS8X933a6ogk9D6qhL8f@ngs.ru>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature"; boundary="s2ZSL+KKDSLx8OML"
Content-Disposition: inline
In-Reply-To: <28wriS8X933a6ogk9D6qhL8f@ngs.ru>
X-OS: FreeBSD 10.0-CURRENT amd64
User-Agent: Mutt/1.5.21 (2010-09-15)
Cc: freebsd-geom@freebsd.org
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: GEOM-specific discussions and implementations
 <freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
 <mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Dec 2012 12:59:28 -0000


--s2ZSL+KKDSLx8OML
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Dec 24, 2012 at 11:42:22PM +0300, =D0=91=D0=BB=D0=BE=D0=B3=D0=B5=D1=
=80 wrote:
> =D0=92 =D0=BE=D1=82=D0=B2=D0=B5=D1=82 =D0=BD=D0=B0 =D1=81=D0=BE=D0=BE=D0=
=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 =D1=82=D0=BE=D0=B2=D0=B0=D1=80=D0=B8=D1=
=89=D0=B0 Alaksiej Carniajeu,
> =D0=B4=D0=B0=D1=82=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D0=BE=D0=B5 =
2012-12-24 17:05:
>=20
> > > Is it possible to read key file from another HDD with FAT16 during
> > > system boot?
> >=20
> > Why do you want it (if it's not a big secret)?
> For security and practical reason. It will be more easy to hide and copy
> back (make available) my key when I need it.
>=20
> I have another question: how long (in bytes) can be geli key file?

There is no limit on keyfile size. geli(8) reads entire thing and adds
everything to HMAC along the way.

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl

--s2ZSL+KKDSLx8OML
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iEYEARECAAYFAlDdl7MACgkQForvXbEpPzQEzACcDZ/Q0hJORNSU3d7g3V1KfD3R
LZ8AoMXo7J/qVsWdRLwGOGMcdDbIkcE1
=MUAz
-----END PGP SIGNATURE-----

--s2ZSL+KKDSLx8OML--