[dm-crypt] Security concern: gpg keyfile vs passphrase

lyz lyz at riseup.net
Tue Jul 7 22:32:49 CEST 2015

Hi all,

I'm encrypting my whole system under LUKS, and I've seen that in the
wiki of Arch and Gentoo they suggest to use a keyfile and encrypt it
with gpg.

Why is more secure to encrypt a keyfile with a passphrase and then
encrypt the device with the keyfile rather than encrypting the device
directly with the passphrase?

Against a brute force attack the passphrase is the same, so they should
be equally secure, am I wrong?

Thank you

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20150707/df213200/attachment.asc>

More information about the dm-crypt mailing list