On Jun 21, 2005, at 8:11 PM, Christian Kujau wrote:
Boyd Waters schrieb:
[...]
random bits, that is itself encrypted by GPG. You may use GPG to
encrypt however you want: you may use public-key encryption, in which
case you may have a number of users, each with their own secret
password, all of them can decrypt the disk-encryption password
and thus
access the loop-AES partition.
i was talking about changing the encryption cipher, not the
passphrase. i
found aes128 faster than twofish128 on my machine, so i wanted to
change
it. the passphrase of the gpg key was not changed here.
Ah, yes -- well, do not *ever* re-encrypt in-place (from/to the same
data volume) with dd! I suppose it would work, as loop-AES is a block-
level cipher, but I always move from one *disk* device to another
when modifying the underlying encryption scheme.
~ boyd
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
