>> I'd like to learn why you think that to remove the passphrase from
>> your memory and to "put the passphrase in a gpg keyfile" instead
>> might conceivably result in "better security".

etwcn> If someone manages to hack my box, s/he could easily install
etwcn> a key logger and sniff the passphrase. With the key file
etwcn> solution, the hacker can only get the passphrase that decodes the
etwcn> key file. But, as I would put the file on a USB memory stick,
etwcn> which is only shortly plugged in while mounting the partition,
etwcn> s/he would have some additional effort in order to also get the
etwcn> file. A simple key logger does not suffice anymore then.

Under this kind of threat model your approach makes some sense. But I
suppose your threat model is somewhat optimistic...

Consider extending the threat model with this little twist: the
``hacker'' is destiny, and destiny makes you lose the USB memory stick.
Would you like the consequence? Perhaps yes, perhaps not. Is an
increased possibility of losing access to your data less important than
a decreased probability of someone else's accessing it? I don't know,
but think carefully about what matters to you, and the kind of risk and
precautions you can take in each case.

[ ... ]

etwcn> I never thought a re-encryption of a partition would be
etwcn> possible. Where can I find any additional information
etwcn> on that subject?

The documentation of 'aespipe' and 'man aespipe'. Having done a little
search, this page contains a mini intro:

http://www.geekcomix.com/cgi-bin/classnotes/wiki.pl?UNIX03/Encryption_With_Aespipe

etwcn> I guess this includes some significant risk of losing all the
etwcn> data on the disk, in case something goes wrong.

Any data writing en masse entails a risk of data loss if there are no
backups. As to the risks, consider this warning from the author:

http://mail.nl.linux.org/linux-crypto/2003-05/msg00138.html

[ ... ]

etwcn> The AES-loop readme contains some information on the differences
etwcn> in security for the various encryption options. It sounds quite
etwcn> plausible to me.

Uhmmm, this can be a very dangerous attitude. The README discusses
issues related to _cipher_ security, which may be a very small aspect
of ``security'', whatever that is.

-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
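An added illustration of the trade-off argued over above (this is not code from the thread, from aespipe or from the loop-AES README; the header layout, the way the passphrase and keyfile are combined, and the sample passphrase, keyfile and salt are all assumptions made for this demo). It models the "passphrase plus keyfile on a USB stick" scheme with the standard library only: the volume key depends on both factors, so a keylogger that captured the typed passphrase gets nothing without the keyfile, a copy of the stick gets nothing without the passphrase, and the "destiny" case, losing the stick with no copy of the keyfile, leaves the owner just as locked out as the keylogger attacker, unless an offline backup of the keyfile exists.

```python
"""Added example, not from the linux-crypto thread: a toy model of the
"passphrase plus keyfile on a USB stick" scheme.  The header layout, the
factor-combining step and the sample inputs are assumptions for this demo;
loop-AES/aespipe have their own formats (see their README)."""
import hashlib
import hmac
import secrets

ITERATIONS = 100_000            # assumption: PBKDF2 work factor for the demo
CHECK_LABEL = b"volume-key-check"


def derive_volume_key(passphrase: bytes, keyfile: bytes, salt: bytes) -> bytes:
    """Stretch the typed passphrase, then bind the keyfile contents to it.

    A keylogger yields only `passphrase`; the USB stick yields only `keyfile`.
    Neither factor alone lets anyone recompute the volume key.
    """
    stretched = hashlib.pbkdf2_hmac("sha256", passphrase, salt, ITERATIONS)
    return hmac.new(stretched, keyfile, hashlib.sha256).digest()


def seal_header(passphrase: bytes, keyfile: bytes, salt=None) -> dict:
    """Build an on-disk header holding a salt and a verifier, never the key."""
    salt = salt or secrets.token_bytes(16)
    key = derive_volume_key(passphrase, keyfile, salt)
    return {"salt": salt,
            "check": hmac.new(key, CHECK_LABEL, hashlib.sha256).digest()}


def unlock(header: dict, passphrase: bytes, keyfile: bytes):
    """Return the volume key if both factors are right, else None."""
    key = derive_volume_key(passphrase, keyfile, header["salt"])
    check = hmac.new(key, CHECK_LABEL, hashlib.sha256).digest()
    return key if hmac.compare_digest(check, header["check"]) else None


# Constructed sample inputs for the demo (not real secrets).
PASSPHRASE = b"correct horse battery staple"
KEYFILE = bytes(range(64))              # stands in for the file on the USB stick
KEYFILE_BACKUP = bytes(KEYFILE)         # offline copy kept somewhere safe
HEADER = seal_header(PASSPHRASE, KEYFILE, salt=b"\x00" * 16)  # fixed salt: demo only


def scenarios() -> dict:
    """For each party: can they open the volume?"""
    return {
        # Normal use: passphrase typed, stick plugged in.
        "owner_with_stick": unlock(HEADER, PASSPHRASE, KEYFILE) is not None,
        # Attacker planted a keylogger but never saw the stick.
        "keylogger_only": unlock(HEADER, PASSPHRASE, b"") is not None,
        # Attacker copied the stick while it was mounted, no passphrase.
        "stolen_stick_only": unlock(HEADER, b"", KEYFILE) is not None,
        # "Destiny": stick lost, no copy; the owner is in the keylogger's position.
        "owner_lost_stick": unlock(HEADER, PASSPHRASE, b"") is not None,
        # Same loss, but an offline backup of the keyfile exists.
        "owner_with_backup": unlock(HEADER, PASSPHRASE, KEYFILE_BACKUP) is not None,
    }


if __name__ == "__main__":
    for who, ok in scenarios().items():
        print(f"{who:20s} {'opens' if ok else 'locked out'}")
```

The point of the verifier in the header is that a wrong factor fails cleanly instead of producing garbage plaintext; the point of the backup line is that the availability risk the reply raises is addressed by a second copy of the keyfile, not by weakening either factor.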