[dm-crypt] Wrong behavior?
Christoph Anton Mitterer
christoph.anton.mitterer at physik.uni-muenchen.de
Wed Jul 14 20:09:00 CEST 2010
On Wed, 2010-07-14 at 12:09 +0200, Arno Wagner wrote:
> Specifically, the issue was what to do in a low-entropy environment
> (embedded system) on automatic install.
I just can point out my previous argument once again:
As the entropy is only required once (when setting up LUKS) there should
be no issue with embedded devices per se.
It's rather a problems for all kinds of automatically installed systems
and there I'd say:
- These systems usually don't use encryption anyway.
- Even I they does they'll typically require manual intervention anyway
(entering a password, providing a key file, etc.)
- And apart from that: cryptsetups main target should always be maximum
security. Therefore it would be IMO better to life (for now) with
blocking systems than using urandom.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3387 bytes
Desc: not available
More information about the dm-crypt