On Wed, 2010-07-14 at 12:09 +0200, Arno Wagner wrote: > Specifically, the issue was what to do in a low-entropy environment > (embedded system) on automatic install. I just can point out my previous argument once again: As the entropy is only required once (when setting up LUKS) there should be no issue with embedded devices per se. It's rather a problems for all kinds of automatically installed systems and there I'd say: - These systems usually don't use encryption anyway. - Even I they does they'll typically require manual intervention anyway (entering a password, providing a key file, etc.) - And apart from that: cryptsetups main target should always be maximum security. Therefore it would be IMO better to life (for now) with blocking systems than using urandom. Cheers, Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
