| View previous topic :: View next topic |
| Author |
Message |
Yminus
Apprentice
Joined: 06 Jan 2008
Posts: 185
|
 Posted: Sat Feb 05, 2011 1:51 am Post subject: [Solved] gpg protected key vs. passphrase |
 |
|
When encrypting a partition using cryptsetup luks you have to choose between passphrase or keyfile. Some people decide to use a keyfile and encrypt it using gpg. So to decrypt the partition the keyfile has to be decrypted using a passphrase for gpg.
So what is the advantage of using a gpg protected keyfile over a passphrase?
Last edited by Yminus on Sun Feb 06, 2011 2:30 pm; edited 1 time in total |
|
| Back to top |
|
 |
Hu
Administrator
Joined: 06 Mar 2007
Posts: 23070
|
| Posted: Sat Feb 05, 2011 3:29 am Post subject: |
|
|
| A keyfile can contain substantially more material and be much more random, making it more difficult to mount a brute force attack. However, if you assume that the attacker can obtain the enciphered keyfile, then its value is reduced significantly. |
|
| Back to top |
|
|
Yminus
Apprentice
Joined: 06 Jan 2008
Posts: 185
|
| Posted: Sun Feb 06, 2011 2:29 pm Post subject: |
|
|
Thank you, this answers my question.
Since it is more likely to loose a keyfile than to forget a passphrase and in my case the safety of the data is more important than its the security I prefer passphrases to keyfiles. |
|
| Back to top |
|
|
|
Networking & Security
