Hi Thiemo,

Good to have someone reviewing this code. Use of --use-urandom by default is a very good catch and fully agree with changing that.

On 15/10/13 20:46, Thiemo Nagel wrote:
> urandom also is used in crypto-volume wiping.

The wipe is already done with a potentially lower level of security, because it forces AES-128 in XTS mode regardless of what the user chose for encryption of allocated data:

http://anonscm.debian.org/gitweb/?p=d-i/partman-crypto.git;a=blob;f=lib/crypto-base.sh;h=e0f8e77900d05346a6beddec19b0adc3c9535d12;hb=HEAD#l341
> setup_dmcrypt $targetdevice $device aes xts-plain64 plain 128 /dev/urandom

I think that's wrong, and not what a user expects. If the user is patient enough to wait for a wipe to complete, at least use their chosen algorithm and key size instead of something arbitrary? And then it makes sense to use /dev/random too. Or, if they don't care about protecting unallocated blocks, they can already skip this step.

Sometimes people want to erase quickly whatever's already on disk, but that's an almost completely different use case perhaps not involving crypto, where writing all zeroes or some kind of TRIM might be adequate and even faster.

(AES-128 + XTS was probably used above because it tends to be fast, but not necessarily on all platforms).

Regards,
--
Steven Chamberlain
ste...@pyro.eu.org