Great, thanks, I could just as well leave it on the filesystem right? Since it is encrypted .. when decrypting I will move it to a ramdrive because I think journaling filesystems will still give up data, even if wiped fairly secure... Greets, Rense Ps. One a sidenote, what is the strongest symmetric blockcipher? I am using twofish now because I don't want to use AES and it is supposed to be pretty fast and fairly secure but if speed would not matter is there anything stronger then the known stuff like SERPENT? -----Original Message----- From: Ma Begaj [mailto:derliebegott@xxxxxxxxx] Sent: Tuesday, July 08, 2008 1:55 PM To: dm-crypt@xxxxxxxx Cc: Rense Buijen Subject: Re: LUKS Question 2008/7/8 Rense Buijen <rense.buijen@xxxxxxxxx>: > Hi Jonas, > > Ah, I think I get it, I will make a keyfile with (dd if=/dev/random > of=/tmp/keyfile bs=1M count=4) and then encrypt it > http://ncrypt.sourceforge.net/ for instance? > Then I decrypt the keyfile first using my passphrase and afterwards I will > open the dm-crypt device with the decrypted key, right? ... I am using > Ubuntu 8.04 so I guess I can use the wrapper for it? you don't need ncrypt. gpg and/or openssl are absolutely great for this. you can put the encrypted file on the usb-stick and use udev to ask you for password when you insert it. --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
