Cryptsetup FAQ is confusing re: key-file length and newlines

John Wiersba <jrw32982@xxxxxxxxx> · Wed, 15 Jul 2020 20:49:09 +0000 (UTC)

The FAQ as of today (2020/7/15) states
Make sure
no trailing newline (0x0a) is contained in the input key file, or the
passphrase will not work because the whole file is used as input.
But then a few lines later it suggests
head -c 256 /dev/random > keyfile
Obviously if /dev/random is used, it's possible that the keyfile will end with a trailing newline.

I think you're trying to distinguish between 
A file which contains a human-readable passphrase which could also be entered interactively, and 
A file which contains random bytes.  
In order for a passphrase to be entered interactively, the passphrase must not end with a newline.  Therefore, when intending to use both a keyfile containing a passphrase and also enter that same passphrase interactively, the keyfile should not contain a newline (anywhere), including a trailing newline.  If a keyfile does contain a newline (anywhere), the text of that keyfile will not be able to be entered interactively as a passphrase.

Additionally, I see lots of guidance on the length of a keyfile which uses magic numbers, both on the internet and also in the FAQ.  Examples are the value 256 above, and the parameters bs=512 count=8 for dd.  If I understand the FAQ correctly, the actual advice is
Plain dm-crypt: Use > 80 bit.  ...  If paranoid, add at least 20 bit.
This implies (taking the worst case) that 
head -c 13 /dev/random
should be sufficient (13 * 8 bytes = 104 bits > 81+20 bits), and 256 bytes is "overkill".  I do understand that some reasonable amount of overkill is essentially "free" and therefore can be used "just in case".

Did I understand these two concepts correctly, and if so, could you clarify the FAQ?

Thanks!
-- John Wiersba
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
https://www.saout.de/mailman/listinfo/dm-crypt