Hello, Am 29.06.2013 00:22, schrieb Christoph Anton Mitterer: > On Fri, 2013-06-28 at 23:24 +0200, Jonas Meurer wrote: >> Ok, indeed the examples could be changed to use xts. Feel free to >> provide a patch. I'll happily accept it. > Attached... see the header for the exact changes and intentions and > complain if it's not okay.
Thanks for the patch. I added all your proposed changes to documentation with the exception that I used 'size=256' and 'hash=sha1' for examples. These are upstream defaults at the moment. I even remember some discussion whether aes256 might be less secure than aes128. I'm not a crypto expert at all, so I prefer to go with upstreams defaults. Is this ok for you? > I could write two more patches: > 1) That changes all keyscript=/lib/cryptsetup/../name to just > keyscript=name ... I think that's supported for keyscripts shipped with > cryptsetup. Done in SVN, thanks for the suggestion. > 2) I'd recommend to replace all /dev/sd[letter][number] or > hd[letter][number] by "/dev/sdaN". > Why? > - AFAIK, hd is no longer used in the current kernels (I guess the old > non libata based IDE drivers were even dropped)... Good point. I replaced all occurences of 'hdXY' by 'sdXY'. Thanks for the pointer. > - literally using "N" instead of an example number... reduces the risk > that someone accidentally copies&pastes these examples and cause real > harm. Most examples use high letter+number combinations like sdg8 for that exact reason. To be honest I prefer real examples. If you've the feeling that any of the examples is particularely prone to copy&paste accidents, and a warning might help, please send me a patch. Kind regards, jonas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
