Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 8 Feb 2006 23:46:45 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        Christian Baer <christian.baer@informatik.uni-dortmund.de>
Cc:        freebsd-geom@freebsd.org
Subject:   Re: -p with GELI
Message-ID:  <20060208224645.GF732@garage.freebsd.pl>
In-Reply-To: <dsdp4d$gf7$2@nermal.rz1.convenimus.net>
References:  <dsdidb$gf7$1@nermal.rz1.convenimus.net> <20060208201852.GA732@garage.freebsd.pl> <dsdp4d$gf7$2@nermal.rz1.convenimus.net>

next in thread | previous in thread | raw e-mail | index | archive | help

--3yNHWXBV/QO9xKNm
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Feb 08, 2006 at 10:51:09PM +0100, Christian Baer wrote:
+> On Wed, 8 Feb 2006 21:18:53 +0100 Pawel Jakub Dawidek wrote:
+> > What you want to use is '-k' option.
+> > If you really know what you're doing you can do something like this:
+>=20
+> Hmm, I thought the keyfile and the passphrase were treated differently.
+> Does that mean they are exchangeable, i.e. if I init the provider with a
+> passphrase I can attach it with a keyfile of the same content as the
+> passphrase?

No, but you may pass 'keyfile' through standard input, so it can be
anything.
You must know, that for keyfiles PKCS#5v2 won't be used nor additional
salt.

+> > I suggest not to use the same passphrase for all providers.
+> > You can always do something like:
+> >
+> > pass_da0=3D3D`echo "0${passphrase}0" | sha256`
+> > pass_da1=3D3D`echo "1${passphrase}1" | sha256`
+> > pass_da2=3D3D`echo "2${passphrase}2" | sha256`
+>=20
+> For that to be of any real good[1], the script would have to be on an
+> encrypted provider - preferably with a *completely* different passphrase
+> (and as a result a completely different key) itself. But if the attacker
+> can analyse this script, then a brute forcing the ${passphrase} will gra=
nt
+> access to all providers.
+>=20
+> Or am I missing the point here completely?

This is not to prevent brute force attack, it's just better no to use
the same key. Actually here it is not so important as it is only used
for Master-Key encryption which is random.

Anyway, in my opnion this is the list from the safest to the most unsafe
configuration list:
1. Different passphrase for every provider.
2. Different key for every provider derived from the same passphrase.
3. One passphrase for every provider.

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--3yNHWXBV/QO9xKNm
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFD6nTVForvXbEpPzQRAmZ/AKCXqcPhQV5hFgwSiRanlZT+BrWh/QCfQk33
eg9VydgnJ+S3OBuQCr/Aw/0=
=bBz2
-----END PGP SIGNATURE-----

--3yNHWXBV/QO9xKNm--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060208224645.GF732>