[dm-crypt] Wrong behavior?

Milan Broz mbroz at redhat.com
Wed Jul 14 10:20:31 CEST 2010


On 07/14/2010 08:38 AM, Heinz Diehl wrote:
> On 14.07.2010, MkFly wrote: 
> 
>> Well now I'm wondering, does luksFormat use /dev/urandom for
>> master-key generation?
> 
> Yes, it does.

I want add rng selection to 1.3.x, no eta yet, there is issue for that
on project page. And several discussions already:-)

I was quite disapponted how gcrypt RNG works so code will stick
with using /dev/random for long-term key, urandom for other things (wipe, salt).

There will be option to use RNG for key generation - for now it should
support random/urandom/gcrypt(very strong) RNG (with /dev/random as default).

Milan


More information about the dm-crypt mailing list