On Thu, 2008-11-13 at 23:23 +0900, Osamu Aoki wrote:
> The encryption key has 128 bit strength since it is generated from
> /dev/urandom and there is no established script to go over them to check
> if one possible key is the one used for encryption.  This makes it
> practically impossible to try to run cracking scripts by scanning all
> possible cases. (Besides there is no easy existing script to do it.)
> 
> On the other hand, a typical simple login password with 8 characters has
> only about 18 bit strength according to the Wikipedia article and thieves
> can check password with the hash value in /etc/shadow contents easily
> using established scripts (crack, john).
> http://en.wikipedia.org/wiki/Password_strength
> 
> Please note such a password is good enough for normal protection for
> logging into an account. (Usually, on a system with shadow passwords and some
> time delay for login, this gives enough protection since each process of
> password verification takes time and shadow cannot be read.  On the
> order of 1000 hours if we try every 4 seconds.)
> 
> I agree that an independent password does not give you extra bits of
> security as password bits unless you pay extra attention to the choice.
> But an independent password is only used for encryption and there is no
> easy verification process.  So use of it surely improves the situation.

Oh, hey, don't get me wrong ...  A randomly generated password is
absolutely, definitely, positively more secure ;-)  That's why I added
the feature, and made it the "default", if you just hit enter.

In fact, I originally wanted to make that the default behavior *without*
asking, and only provide an optional mechanism to allow for choosing a
mount passphrase.

However, in running this through our usability people here on the Ubuntu
side of things, this was deemed a bit too ambitious for our users.
Sacrificing usability for security.  So we settled on the current
approach...  If you "just hit enter", and accept the default, randomly
generated password, you get top-notch security.  But you still can
choose a password easily enough.


> As for
> if echo "$LOGINPASS" | tr -d "\n" | ecryptfs-insert-wrapped-passphrase-into-keyring "$WRAPPED_PASSPHRASE_FILE" - ; then
> 
> Then you can do with fancy "stty -echo".  This is prelude to use zenity.
> Then we can have desktop file without terminal :-)  (I have uncleaned
> version here )

I'm definitely interested in better graphical tools for setting this up
on desktops.

> > Okay, I've tested this a bit, and committed it to upstream git.
> 
> Thanks.
>  
> > See the git commits:
> >  * http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=43da1692581c5c575550aab0ca54e9d85fe0a8b0
> >  * http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=43da1692581c5c575550aab0ca54e9d85fe0a8b0
> 
> Hmmm... why two lines?  Contents look good to me though.

Cut-n-paste error.

I meant to paste the two separate commits, one with the meat of your
change, and the second with the one-char command line options.  Looks
like you eventually found both anyway ;-)

Thanks for the interest.


:-Dustin
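
The "stty -echo" prompt mentioned in the quoted text, sketched as an added example; it is not code from this thread or from ecryptfs-utils. The function names and the INSERT_CMD override are hypothetical, and the trailing "-" (read the wrapping passphrase from stdin) is taken from the quoted fragment.

```shell
#!/bin/sh
# Added example: read the login passphrase without echoing it, then hand it
# to the unwrap tool on stdin so it never shows up in a process argument list.

# Hypothetical override, so the functions can be exercised without ecryptfs-utils.
INSERT_CMD="${INSERT_CMD:-ecryptfs-insert-wrapped-passphrase-into-keyring}"

# read_secret PROMPT: read one line into SECRET; echo is disabled on a terminal.
read_secret() {
    SECRET=""
    rc=0
    if [ -t 0 ]; then
        saved_tty=$(stty -g)                          # remember terminal settings
        trap 'stty "$saved_tty"; exit 130' INT TERM   # never leave echo off
        printf '%s' "$1" >&2
        stty -echo
        IFS= read -r SECRET || rc=$?
        stty "$saved_tty"
        trap - INT TERM
        printf '\n' >&2
    else
        IFS= read -r SECRET || rc=$?                  # piped input: no echo to hide
    fi
    return "$rc"
}

# unwrap_to_keyring FILE: prompt, then pipe the passphrase to the tool.
# Returns the tool's exit status.
unwrap_to_keyring() {
    read_secret "Login passphrase: " || return 1
    # printf is a shell builtin and '%s' emits no trailing newline, so the
    # 'tr -d "\n"' step from the quoted fragment is not needed here.
    if printf '%s' "$SECRET" | "$INSERT_CMD" "$1" -; then
        status=0
    else
        status=$?
    fi
    SECRET=""                                         # drop the shell's copy
    return "$status"
}

# Usage (file path is a placeholder):
#   if unwrap_to_keyring "$WRAPPED_PASSPHRASE_FILE"; then ... ; fi
```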
