Listen, I do not have a password or a login, don't be a jerk or an a-hole... I just want off this list!!!!
Sent from my iPod > On Jan 2, 2014, at 10:49 AM, Michael Soulier <msoul...@digitaltorque.ca> > wrote: > > Perhaps you should read the footer of every email. > > mps > >> On Jan 2, 2014, at 9:58 AM, Phil Labonté <plabo...@gmail.com> wrote: >> >> How do I unsubscribe from this list????? >> >> Sent from my iPod >> >>>> On Jan 2, 2014, at 9:43 AM, Martin Hicks <m...@bork.org> wrote: >>>> >>>> On Mon, Dec 23, 2013 at 4:18 PM, Alex Pilon <a...@alexpilon.ca> wrote: >>>> On Mon, Dec 23, 2013 at 03:47:05PM -0500, Robert P. J. Day wrote: >>>> >>>> LUKS does block device symmetric encryption. It's in a way a wrapper >>>> around dm-crypt. Plain dm-crypt requires you to specify all the >>>> parameters manually, whereas LUKS creates a header at the beginning of >>>> the block device. dm-crypt requires you to understand the crypto, and >>>> won't do things like salting your secret. LUKS will randomly generate >>>> (and salt if I recall correctly) a master secret, and provide ten >>>> “slots” for weaker secrets (e.g., passwords, passphrases, or binary data >>>> of your chosing), which it'll run through PBKDF2. >>> >>> This is close, but there is no "weaker" secret. For each "slot" (of >>> which I think there are 8) that is activated, the "Master" key is >>> encrypted using the passphrase/data that is provided when the slot is >>> enabled/configured (when you create a new LUKS device, there is only a >>> single slot activated). In the default configuration, the Master Key >>> is an AES encryption key. >>> >>> Later, when you're prompted for the passphrase to unlock the LUKS >>> device, cryptsetup loops through each enabled slot using the provided >>> passphrase and gets some Master Key as a result. It verifies (I can't >>> remember how...looks for a header?) if this Master Key makes sense >>> i.e., it successfully decrypts some data in a way that yields correct >>> plaintext. >>> >>> So, with multiple slots enabled the Master Key is encrypted multiple >>> times using different passphrases and PBKDF2. >>> >>> mh >>> >>> -- >>> Martin Hicks P.Eng. | m...@bork.org >>> Bork Consulting Inc. | +1 (613) 266-2296 >>> _______________________________________________ >>> Linux mailing list >>> Linux@lists.oclug.on.ca >>> http://oclug.on.ca/mailman/listinfo/linux >> _______________________________________________ >> Linux mailing list >> Linux@lists.oclug.on.ca >> http://oclug.on.ca/mailman/listinfo/linux _______________________________________________ Linux mailing list Linux@lists.oclug.on.ca http://oclug.on.ca/mailman/listinfo/linux
