Good call on the hashing, reducing the quality of the passwords, Kurt.
The hash generated passwords are for online accounts, as
auto-generated initial passwords and such.

But I'm also looking for a good way to generate high quality crypto
keys. In the later case, the data being protected are disk images of
clients...mountains of sensitive data. These will be on USB
keys, and thus do not need to be memorized. Assuming my clients are
not enemies of a state, /dev/random should be a sufficient source for
this purpose, correct? i.e:

dd if=/dev/random of=foo.key bs=256 count=1

Thanks guys!
_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to