In an attempt to get the very highest level of security on my encrypted home partition,
rather than use a password, I decided to use a random file.
I filled a floppy disk like so...
Code:
dd if=/dev/urandom of=/dev/fd0
As expected, the disk was filled with random data.
The home partition is mounted from the local startup script like so...
Code:
losetup /dev/loop7 /home/chris.img
cryptsetup -c aes -s 256 -d /dev/fd0 -b `blockdev --getsize /dev/loop7` -h ripemd160 create chris /dev/loop7
mount /dev/mapper/chris /home/chris/
If the wrong floppy disk (or no floppy disk) is inserted before the local script runs, then my encrypted partition is not mounted, but other users with non-encrypted disks are allowed to log in.
This works fine except for one thing: I was expecting this setup to use the whole 1.44 megs of data as the password, but the disk activity only lasts a few seconds, and it takes 30 seconds to read the whole disk...
How do I work out how much random data is being used as the password?
I'm worried that maybe the encryption program is finding a terminating null and stopping reading, leaving me with a very short password.
The reason I've set up such a system is to stop people picking short predictable passwords; this is pointless if the system is only using 5 random characters (easily brute forced!)
Any ideas?
I've tried altering the key size after the -s option, but 256 bits is its maximum, and I believe this only applies to the key after it's been hashed.
Thanks.
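One way to measure this, as an added example that is not part of the original post: `dmsetup table --showkeys chris` (run as root) prints the key the kernel actually holds for the mapping, and its length and relation to the start of the key file can be checked directly. The function names, the sample table line and the sample key file below are constructed for illustration.

```shell
#!/bin/sh
# Added example: how much key-file data does a dm-crypt mapping really use?
# On the live system the table line comes from (as root):
#   dmsetup table --showkeys chris
# Crypt target layout: <start> <length> crypt <cipher> <hexkey> <iv_off> <dev> <off>

# Constructed sample line; the key is the hex of "ABCDEFGHIJKLMNOPQRSTUVWXYZ012345".
SAMPLE_TABLE="0 2048 crypt aes-cbc-plain 4142434445464748494a4b4c4d4e4f505152535455565758595a303132333435 0 7:7 0"

# Print the hex key (5th field) of a crypt target table line.
table_key() {
    printf '%s\n' "$1" | awk '$3 == "crypt" { print $5 }'
}

# Effective key length in bits: every hex digit carries 4 bits.
key_bits() {
    k=$(table_key "$1")
    echo $(( ${#k} * 4 ))
}

# Hex encoding of the first N bytes of a file (or device such as /dev/fd0).
file_prefix_hex() {
    od -An -tx1 -N "$2" "$1" | tr -d ' \n'
}

# "raw:N"   -> the key is exactly the first N bytes of the key file
# "derived" -> the key is something else (for example a hash of the file)
key_source() {
    k=$(table_key "$1")
    n=$(( ${#k} / 2 ))
    if [ "$(file_prefix_hex "$2" "$n")" = "$k" ]; then
        echo "raw:$n"
    else
        echo "derived"
    fi
}

# Offline demonstration with a constructed 40-byte key file.
demo_file=$(mktemp)
printf 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcd' > "$demo_file"
echo "key length: $(key_bits "$SAMPLE_TABLE") bits"
echo "key source: $(key_source "$SAMPLE_TABLE" "$demo_file")"
rm -f "$demo_file"
```

On the real machine, pass the output of `dmsetup table --showkeys chris` as the first argument and `/dev/fd0` as the second. Treat that output as secret, since it contains the volume key.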