On Tue, Aug 04, 2009 at 10:39:38AM -0600, Modulok wrote: > But I'm also looking for a good way to generate high quality crypto > keys. In the later case, the data being protected are disk images of > clients...mountains of sensitive data. These will be on USB > keys, and thus do not need to be memorized. Assuming my clients are > not enemies of a state, /dev/random should be a sufficient source for > this purpose, correct? i.e: > > dd if=/dev/random of=foo.key bs=256 count=1
It should be "good enough"... but you need to do so reading on non-linear key spaces first. Depending on the symmetric cipher, not all keys are equally strong; and if you're unlucky, you may catch one of those "bad keys" through /dev/random. However, this is a fairly advanced crypto topic. > Thanks guys! > -Modulok- -cpghost. -- Cordula's Web. http://www.cordula.ws/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"