> 1. Maybe it would be a good idea to use an ASCII-only random string, for > example by piping it through `base64 -w 0`. That way you don't loose any > entropy (the key just gets longer) but it is easier to type the keyfile > manually, in case you ever need to. You also don't have to worry about > odd behavior of password prompts anymore. I think that is now to late for? I have already formated it and added ext4 on it plus installed some packages already (was a long way).
> > 2. You should `shred` key.out instead of `rm`. That key file was on RAM disk, not on real. ;) Roland