On Mon Mar 25, 2002 at 06:24:09PM +0000, Robert Horton wrote:

> Have a look at the manpage for losetup.

Ahhh... slick! Thanks!

> You can use just about any filesytem, as it is the loopback device that
> actually handles the encryption (I think). You can also specify what
> strength encryption you want.

It's sad that it only uses a maximum of 256 bits, but I guess it has
to be low enough so that it can be fast enough to be useable. I just
read a rather disconcerting message on bugtraq about 1024 bit
encryption in PKI (ie. pgp/gpg/ssh keys, etc.), and how easily it can
now, conceivably, be cracked. I'll forward a copy to the list for
interest.

> One upshot of this is that you can create "virtual" encrypted disks, just
> like pgp disk, which is really awesome.

Yes, I like this. I would *really* like to have something like
~/encrypted and set ~/.ssh and ~/.gnupg as symlinks to that
directory. And if it can be a file instead of an actual partition, so
much the better.

Time to go exploring... =)

-- 
MandrakeSoft Security; http://www.mandrakesecure.net/
"lynx -source http://www.freezer-burn.org/bios/vdanen.gpg | gpg --import"
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD
Current Linux kernel 2.4.18-6mdk uptime: 1 day 21 hours 4 minutes.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org

iD8DBQE8n+mTIEPQ5f5vKv0RAsWOAJ9XBdap6Y2/40LVPnKnZKkmu+LEnQCgxdZe nl01MQh7gypTzdc1CbRURA0= =mwRk -----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]