Ted Unangst wrote:
right, the key provided via vnd(4) is used as is, and vnconfig(8) doesn't perform any transformation. this cuts the possible key space down quite a bit if you're using a keyboard to perform the entry.
This wouldn't be a problem for me, since I don't want to use a 448 bit key. But I'd like to use a passphrase of at least 20 words from the diceware list, which roughly corresponds to a 256 bit key. So I'll have to change vnconfig, maybe by adding a SHA-1 transformation right after the call to "getpass", because it would be cumbersome to translate the passphrase manually every time I have to enter the key.
Thank you very much for your answer, Stefan
