[dm-crypt] maximum keyfile size

Heinz Diehl htd at fancy-poultry.org
Thu Jun 28 08:34:49 CEST 2012


On 28.06.2012, .. ink .. wrote: 

> "cryptsetup --help" says the maximum keyfile size 8192kB.

As far as I understand the crytpsetup sourcecode, the keyfile gets
hashed, and is therefore comparable with a passphrase. 8192k for a
keyfile seems massive overkill, assumed you have 256/512 bit
encryption, where it will be sufficient to generate a keyfile which
contains 32/64 random chars. 

> Does the above limit apply to users of the library too?

AFAIK this is a limit which is set at compile time, see "configure
--help". I assume it's not hardcoded.

> why that number, why not a good,round number of 10MB?

I dunno.



More information about the dm-crypt mailing list