On Sat, Oct 14, 2000 at 07:35:52PM -0600, Ray Percival ([EMAIL PROTECTED]) wrote: > I'm looking for a good command line tool to encrypt /home with I need > something that can handle large (4096 bit) keys. Any suggestions? > Thanks very much.
Please set your linewrap to 72 characters.
apt-get install gnupg
You can specify keylengths of an arbitrary size, though keysizes over
2048 are not recommended. I'm generating a 4096 bit key right now, and
it's taking quite a while (as in, the time I've used to write this
message), and is depleting the system entropy pool in the process. Keys
without good entropy are not worth much. In fact, the entropy I'm
adding to the system in writing this message is *not* keeping up with
the needs of the key generator. I'll stow the mail for a bit and see
how many additional messages I need to read before it's done.
...ok, it took quite some time -- at least fifteen, twenty minutes,
possibly an hour or so -- to generate that key on a PII-180 system.
Why do you feel you need a 4096 bit key? That's excessive by almost all
accounts. You're aware that key strength *doubles* with each additional
bit, and that above 2048 bits, you probably have other far less secure
portions of your security profile.
--
Karsten M. Self <kmself@ix.netcom.com> http://www.netcom.com/~kmself
Evangelist, Opensales, Inc. http://www.opensales.org
What part of "Gestalt" don't you understand? There is no K5 cabal
http://gestalt-system.sourceforge.net/ http://www.kuro5hin.org
GPG fingerprint: F932 8B25 5FDD 2528 D595 DC61 3847 889F 55F2 B9B0
pgpyaF3sBYsSr.pgp
Description: PGP signature
