[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Choosing the passphrase, encrypted swap, naming the kernel

To: linux-crypto@xxxxxxxxxxxx
Subject: Choosing the passphrase, encrypted swap, naming the kernel
From: Christian <neodaxus@xxxxxxx>
Date: Fri, 30 Jul 2004 04:43:40 +0100
In-reply-to: <200407291044.01246.venkat@rayservers.com>
List-archive: <http://mail.nl.linux.org/linux-crypto/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <linux-crypto.nl.linux.org>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:linux-crypto@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:linux-crypto-request@nl.linux.org?Subject=unsubscribe>
References: <410733D5.2080000@gmx.net> <4107CB0B.166416D0@users.sourceforge.net> <41087F2F.2070105@gmx.net> <200407291044.01246.venkat@rayservers.com>
Sender: linux-crypto-bounce@xxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.5 (Windows/20040207)

Venkat Manakkal wrote:

See diceware.com about choosing really strong passwords. Long phrases or sentences do not really cut it. A ten word diceware phrase puts you in the 128+ bits of entropy range, throw in some extra special characters for good measure and you will be in the 30 char password length range.

But it doesn't make sense to use AES256 if your password has only 128 bits of entropy, right?

>> Is there also a way to check that encrypted swap is working?
> "cat /proc/swaps" command should show one or more lines starting with
> /dev/loop string.

Unfortunately it does not (it mentions /dev/hda5). What else could I do?

In /etc/fstab (loop=/dev/loop?), I can replace ? with any number from 0 to 7, right?

Jari Ruusu wrote:
> The fix is to recompile and boot new kernel using but using different
> CONFIG_RELEASE CONFIG_CFGNAME strings.

I discovered that SuSE seems to ignore what comes after the word default, if you simply append something. When I boot 2.6.5-7.95-default-neo1, uname -a returns 2.6.5-7.95-default. However, when I boot 2.6.5-7.95-defneo1, uname -a returns 2.6.5-7.95-defneo1.

Thanks,

Christian

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: Choosing the passphrase, encrypted swap, naming the kernel
  - From: Jari Ruusu
- Re: Choosing the passphrase, encrypted swap, naming the kernel
  - From: Venkat Manakkal

References:
- Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
  - From: Christian
- Re: Encrypted swap, suspend, README, root encryption, potential weaknesses,NSA, dual-ciphers
  - From: Jari Ruusu
- Re: Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
  - From: Christian
- Re: Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
  - From: Venkat Manakkal

Prev by Date: Re: Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
Next by Date: Re: Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
Previous by thread: Re: Encrypted swap, suspend, README, root encryption, potential weaknesses, NSA, dual-ciphers
Next by thread: Re: Choosing the passphrase, encrypted swap, naming the kernel
Index(es):
- Date
- Thread