kinto wrote: > head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 \ > | gpg --symmetric -a >/tmp/keyfile.gpg > > dd if=/dev/zero of=/tmp/file.img bs=1M count=10 > > head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ > | losetup -e AES256 -K /tmp/keyfile.gpg /dev/loop1 /tmp/file.img Above "head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1" is completely unnecessary and unused here. Seems you are using file backed loop. Read-only mounting iso9960 images and such work fine with file backed loops. My advise is to avoid writable file backed loops. > I want to use two different keys for encryption the single file, but one > key must be have a time-limit validity. If you use public key crypto and specify multiple recipients when you encrypt the key file contents, then each recipient can use their gpg private key passphrase to unlock the key file contents. Time limit can be enforced by re-encrypting key file contents using different set of recipients. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
