Pass+keyfile

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi there, is this construction secure? Assuming "keyfile" is a file and "/dev/device" is a block device, both made with /dev/urandom.
cryptsetup open --hash=sha512 --cipher=aes-xts-plain64 --type=plain keyfile keyfile_tmp && cat /dev/mapper/keyfile_tmp | \ cryptsetup open --hash=sha512 --cipher=aes-xts-plain64 --type=plain --key-file=- /dev/device cryptodevice && \ cryptsetup close keyfile_tmp && mount /dev/mapper/cryptodevice /media/cryptodevice
The goal is to use pass+keyfile to decrypt storage. I put it in a script and it works as it should at a glance. Are there alternatives or improvements? Stupid errors maybe? 

Thanks.
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux