Hi John, If I do so, I will need to decrypt the key file then use the key file to decrypt the container... which is a bit tedious. Shannon 2009/4/27 Sitaram Chamarty <sitaramc@xxxxxxxxx>: > On Sun, Apr 26, 2009 at 7:42 PM, Jonas Meurer <jonas@xxxxxxxxxxxxxxx> wrote: >> On 26/04/2009 Sitaram Chamarty wrote: >>> On Sat, Apr 25, 2009 at 11:57 PM, Xiangrong Fang <xrfang@xxxxxxxxx> wrote: >>> > Hi There, >>> > >>> > Is it possible to use passphrase + key file in LUKS? >>> > >>> > I mean, I would like to use a passphrase AND a password to protect a >>> > device, but not "OR". >>> >>> Yes, I'd like to know too... >>> >>> It is notionally easier to get a key-file out of my hands than it is >>> to get a long passphrase out of my head. Even surreptitiously, if >>> need be. >>> >>> So the advantages of using a key-file compared to a password or >>> passphrase appear to be somewhat outweighed by that problem :-) >> >> why not simply encrypt the keyfile with gnupg/ssl/whatever? > > The only way to work that would be to send the decrypted file to > stdout and read key material from stdin. > > I suppose that'd work but I was going for analogy with ssh id files. > > Thanks, > > Sitaram > > --------------------------------------------------------------------- > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > > --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
