kinto wrote: > If you want, can explain me this procedure (from loopAES.README - > Example 2): > > head -c 15 /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 \ > | losetup -p 0 -e AES128 /dev/loop3 /dev/hda666 > dd if=/dev/zero of=/dev/loop3 bs=4k conv=notrunc 2>/dev/null > > The first encrypt the block device /dev/hda666 using a random passphrase > then, the second, fill all the partition with all zero. Is it right? > The scope is to create a "base" on which write the encrypted data? > All this to increase the safety of data encryption? That example pulls low quality random passphrase from /dev/urandom, and then fills the partition with encrypted zeroes. Then encrypted loop is set up again using your real high quality keys, and encrypted file system is created there. Intent is to fill unused space with random looking junk so that adversary can't detect what parts of the filesystem have been written. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
