I've found a few placed where Poul-Henning Kamp mentions that gbde will accept any byte string as a passphrase and that the design of gbde also makes 2 factor authentication possible. I took that to understand that I might be able to use a file of random data from a usb key (something I have) and a text passphrase (something I know) to encrypt my partitions (which I also think Poul mentions somewhere). I can't find any documentation on how this might be accomplished though. The closest thing I've found was a mailing list message from a couple years ago where someone had written a script to collect the information and run it through md5 to create a single text string that could be used on the command line with gbde and the -P/-p switches. With this md5 method, it seems (to my uneducated mind) that I'd be taking all the randomness in the file and my passphrase and turning it into a single fixed length string of lower case letters and numerals. Seems like there would be a better way. Plus you're putting the completed passphrase on the commandline where it can potentially be seen/copied by ps, etc...
Does anyone else know the way this was intended to work? Can I just pipe the contents of a file to gbde and then it still prompts me for text that it combines to use for my passphrase? That would be nice if it were that simple. Please help :-) _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"