Yeah the included ossl usage is using old key derivation. On my installation i
have replaced amcrypt-ossl usage with:
# cat /etc/amanda/encrypt
#!/bin/bash
AMANDA_HOME=~amanda
PASSPHRASE=$AMANDA_HOME/.am_passphrase # required
RANDFILE=$AMANDA_HOME/.rnd
export RANDFILE
if [ "$1" = -d ]; then
Am 04.05.22 um 11:36 schrieb Exuvo:
Yeah the included ossl usage is using old key derivation. On my
installation i have replaced amcrypt-ossl usage with:
# cat /etc/amanda/encrypt
#!/bin/bash
AMANDA_HOME=~amanda
PASSPHRASE=$AMANDA_HOME/.am_passphrase # required
RANDFILE=$AMANDA_HOME/.rnd
exp
Am 04.05.22 um 12:46 schrieb Stefan G. Weichinger:
Am 04.05.22 um 11:36 schrieb Exuvo:
Yeah the included ossl usage is using old key derivation. On my
installation i have replaced amcrypt-ossl usage with:
# cat /etc/amanda/encrypt
#!/bin/bash
AMANDA_HOME=~amanda
PASSPHRASE=$AMANDA_HOME/.am_p
Ah yes my RANDFILE was probably already created long ago when i initially set
up encryption.
From what i have read the random file is not really on most systems as it is
only there to help with low entropy systems (ie server that does nothing most
of the time).
Each time openssl runs it uses t
Hi,
On topic of low entropy: if you're not already familiar with it, please
take a look at https://github.com/jirka-h/haveged especially for
headless systems.
Cheers,
Kees
On 04-05-2022 16:46, Exuvo wrote:
Ah yes my RANDFILE was probably already created long ago when i
initially set up encr