LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   General (https://www.linuxquestions.org/questions/general-10/)
-   -   which is more secure? a key file or a passphrase (https://www.linuxquestions.org/questions/general-10/which-is-more-secure-a-key-file-or-a-passphrase-4175656220/)

LMINTUSER 06-23-2019 02:59 AM

which is more secure? a key file or a passphrase
 
Hi everyone

I'm curious to know which is better a keyfile or passphrase for cryptsetup? I know there a pro and con for either one.

Thanks

Turbocapitalist 06-23-2019 04:05 AM

Welcome, but please re-read the forum guidelines on how to ask a question properly. As phrased, your query lacks the information needed to help you with it. Also, we do not do homework. We can help you over the hard parts but you'll have to do the actual work yourself.

That said, what do you mean by "cryptsetup" and how do you plan to use it?

AnanthaP 06-24-2019 11:08 PM

They are fundamentally different aspects (factors) of security.
- A key file is a file - WHAT YOU HAVE ON A COMPUTER.
- A passphrase is usually - WHAT YOU KNOW AND NOT STORED ON A DEVICE.

I would say that in normal usage, a passphrase is more secure.

OK

floppywhopper 06-25-2019 12:41 AM

Quote:

Originally Posted by Turbocapitalist (Post 6008168)
That said, what do you mean by "cryptsetup" and how do you plan to use it?

possibly referring to https://wiki.archlinux.org/index.php...ice_encryption

Michael Uplawski 06-25-2019 06:05 AM

man cryptsetup
Quote:

cryptsetup is used to conveniently setup dm-crypt managed device-mapper
mappings. These include plain dm-crypt volumes and LUKS volumes. The
difference is that LUKS uses a metadata header and can hence offer more
features than plain dm-crypt. On the other hand, the header is visible
and vulnerable to damage.
In addition, cryptsetup provides limited support for the use of loop-
AES volumes and for TrueCrypt compatible volumes.
A passphrase that you can remember is either too short, too simple or too easily forgotten.
A file that you keep on your computer is either too simple to find or too simply destroyed, as you keep forgetting what it was doing.

The most embarrassing thing is probably the word “better”.

The rest is in the documents.


All times are GMT -5. The time now is 05:51 PM.