debian@xxxxxxx wrote: > The loop-AES.README file mention that the minimum password length in > single-key mode is 20 characters. > > But, what is the maximum password length in single-key mode? Are there any > other restrictions for the password? Interactively typed passwords have a limit of 127 bytes. That 127 byte limit comes from getpass() limit. If password is read from file descriptor (losetup "-p 0" option), then it is limited by mlock()able RAM size only. > If it is possible to have *very* long passwords (random data), then it would > be nice to have the possiblity to split up the single-key password to be > used as the keys in the same way as the keys in the multi-key mode is used. > For example: assume that you have a 2048 characters password. Split this > password in 64 equal sizes and you will have 64 different passwords each > with the length of 32 characters. Then, you should be able to use these > passwords in multi-key mode (if the loop-AES is patched to be able to work > with this setup, of course...). That would break backwards compatibility. May I suggest that you put gpg encrypted key file in /etc/foo.gpg and use that 2048 characters long passphrase to decrypt the key file. Or are you "no stinking gpg on my box" person? -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
