Peter_22@xxxxxx schrieb: > Interesting point! Loop-aes provides no option to change the key/password > for a partition. Using dd and two loop-devices is rather risky. What if the > machine just hangs up after 100GB? All data gone? yeah, you can say that again: it's *damn* risky :-\ if the machine loses power or the "dd" dies (OOM?), half of the partition is encrypted with twofish, the other part with aes...uuuh. > Well, I asked myself if there is a way to use some >1GB partition (swap or > such) to store the data temporarily and pipe it further through the pipe. In > case of some crash a restore-point could be set and re-encryption restarted > or continued. i *think* that if i know up to which sector dd has written, i can then continue from exactly this point. but i've never tried it. > For harddisk encryption this would be an interesting thing. Just in case > someone gets a copy of your keyfile you may want do change it. i've done this 3 or 4 times now, always successful, but always had a backup at hand.... -- BOFH excuse #334: 50% of the manual is in .pdf readme files - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
