Phil H wrote: > Firstly, thank you very much for your response, much appreciated. > > To respond: > > 1. ' encryption approximates at 200% less performance' > > At the top of the script I point out that CPU load is greatly increased > and suggest that using single or double at most is more than > suffficient, perhaps you skimmed it. I took it to a potential three > layers since tbat seemed the likely practical maximum. For a laugh I > also tested it with 8 layers of encryption, and a 1.87GHz Centrino > actually coped, even (barely) playing an avi file off the encrypted > partition. Some posters on his list talk about double encryption, > presumably they can take the performance hit. Yes. I only looked at the script for a few minutes and the details in the programming where more interesting then the rest. :-) > 2. 'the keys where used wrongly' > > The embedded keys are all gpg encrypted as usual before being written to > the loop devices. Unsure what you mean by 'exposed' or 'wrongly > used'. You have to remember a seperate passphrase for each layer. > There is not one passphrase for all three layers. I must confess that i hadn't saved the script and the mail was already expired when i replied, so i couldn't reread it. Apparently i had "saved" a wrong impression of the script in my brain. But in the end it boils down to that i had my things in order when i skimmed the script. So i had not much to gain from it in general so my eyes where more on the finer details of shell-scripting. I can say that i didn't knew "seq" existed and i now can use it the next time i have a need for a sequence in a shell-script. :-) -- Real Programmers consider "what you see is what you get" to be just as bad a concept in Text Editors as it is in women. No, the Real Programmer wants a "you asked for it, you got it" text editor -- complicated, cryptic, powerful, unforgiving, dangerous. - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
