On Sat, 27 Oct 2007 12:40:00 +0200 "Thomas Hobbes" <[EMAIL PROTECTED]> wrote:
> Hi, > > I want to encrypt my mobile computer's data-partition with a > passphrase, 128 bit AES and HMAC/MD5. A lot of people use different > block sizes to generate keys with dd. There are examples with block > sizes of 64, 32k and 128k in geli's man-page, but I couldn't find out > why they were used. Spidering 'geli + "key bs"' discovered that there > are some more values used, i.e. 128, 512 and 1k. What is a reasonable > block size to use? > It doesn't matter, the output of /dev/random is generated from a 256 bit yarrow key, so anything more than "dd /dev/random bs=32 count=1" is pointless. As you are only using 128 encryption, 256 bit of entropy is overkill anyway. _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"