From owner-freebsd-questions@FreeBSD.ORG Tue Aug 4 16:39:40 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 95D671065796 for ; Tue, 4 Aug 2009 16:39:40 +0000 (UTC) (envelope-from modulok@gmail.com) Received: from mail-ew0-f206.google.com (mail-ew0-f206.google.com [209.85.219.206]) by mx1.freebsd.org (Postfix) with ESMTP id 237F78FC1E for ; Tue, 4 Aug 2009 16:39:39 +0000 (UTC) (envelope-from modulok@gmail.com) Received: by ewy2 with SMTP id 2so3821881ewy.43 for ; Tue, 04 Aug 2009 09:39:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=Nvz3H/VpQ12CgKsz88ySswXAsYi1+WJtuxohFxIpQGo=; b=qTCF/em3C35yiav7oC3dG2sNUN60beJoGpXRz8sKzqLupAeAaSbZ/UpRwFzQPYVax1 2rKpCHK5DvCs3evS/LgrQDk8Ee+FVjbcxw0vZJ+e93XQxyWBRYGw2sAiNlLaubSsBQE+ Qac29F6y/QZjo0zMm+VxbpN9LMupwt/ZXXrV8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=II7sfEkjjpp2pzf/1ZTsuLGeAITBvVBLqPLAscQVTzttBSySm8G9RGHmpNcYCIfj0n bJL09ZQ39whAyW4WS5SEnXbckm9R7pGJiCMEhvodXFqs/ztZGkQSB5SRysnYfhbRVuaF a924QUZX1cz99DB2J4TMGXnD40DpNmn4mBMd8= MIME-Version: 1.0 Received: by 10.211.179.6 with SMTP id g6mr6930985ebp.49.1249403978934; Tue, 04 Aug 2009 09:39:38 -0700 (PDT) In-Reply-To: <64c038660908040938m6b195216kb18edc17add0e5ba@mail.gmail.com> References: <64c038660908031928v15a76d15g5599e6f3fef936e1@mail.gmail.com> <20090804075221.GA3909@slackbox.xs4all.nl> <20090804081841.GC74277@mech-cluster241.men.bris.ac.uk> <4A77F20F.5060500@boosten.org> <64c038660908040936m7872c211y2897990508ee8316@mail.gmail.com> <64c038660908040938m6b195216kb18edc17add0e5ba@mail.gmail.com> Date: Tue, 4 Aug 2009 10:39:38 -0600 Message-ID: <64c038660908040939o349b7b16o6659d5f5f2eb65fb@mail.gmail.com> From: Modulok To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: Secure password generation...blasphemy! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Aug 2009 16:39:41 -0000 Good call on the hashing, reducing the quality of the passwords, Kurt. The hash generated passwords are for online accounts, as auto-generated initial passwords and such. But I'm also looking for a good way to generate high quality crypto keys. In the later case, the data being protected are disk images of clients...mountains of sensitive data. These will be on USB keys, and thus do not need to be memorized. Assuming my clients are not enemies of a state, /dev/random should be a sufficient source for this purpose, correct? i.e: dd if=/dev/random of=foo.key bs=256 count=1 Thanks guys! -Modulok-