Allen Coates wrote in
 <4e60d85c-eec7-5e73-0b50-e7e652cb0...@cidercounty.org.uk>:
 |On 13/02/2023 22:43, raf wrote:
 |> And for diceware style passphrases to be meaningful,
 |> it's important that none of the words are "picked" by a
 |> human. They must be random. Then, it doesn't matter if
 |> they are common words or not.
 |A human can throw in a misspelt or foreign-language word.  Probably
 |optimum if (s)he doctors a truly random selection.
 |
 |Also, don't forget numbers and special characters etc.   I think a
 |human would need to add those, too.
 |
 |It occurs to me that, once "the enemy" gets past dictionary searches,
 |they won't know the actual password length.  They would have to
 |explore random character sequences of EVERY length - and not just
 |that of YOUR password...

I am one of those who is still not using yubikeys and such things.
For almost anything I use (a subset of)

  dd if=/dev/urandom bs=1 count=512 | LC_ALL=C tr -cd 'a-zA-Z0-9_.,=@%^+-'

In full I only type (1) the cryptsetup token for my hard disk(s),
(2) my (and root's) account password(s), and (3) the password for
an encfs filesystem.  (3) is a very long sentence, (2) are
somewhat long, (1) is pretty tough to type.  (Mixed case and
unusual punctuation to be expected.)  All others "get loaded" via
scripts (from within (3)).

But hey, this is very unprofessional.  Here an excerpt of a post
of Theodore Ts'o to openssl-dev@ from Sat, 26 Apr 2014:

  For example, I recently signed a git tag:

  % git tag -s ext4_for_linus_stable

          <Insert smart card, type the pin to create the GPG signed tag>

  % git push ssh://gitol...@ra.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git tags/ext4_for_linus_stable

          <Type pin to unlock the ssh key, which is also on the smart card>

  % git request-pull origin git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git tags/ext4_for_linus_stable > /tmp/pull

  (I have aliases and shell scripts for most of this, but I've expanded
  all of this out for clarity.)

So if you do not use a card or key which needs tipping or even PIN
entry to give out something, etc etc etc, you are wrong.

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
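An added example, not part of the mail above: the same character set as the quoted dd|tr pipeline, generated with Python's secrets module, next to a diceware-style passphrase in which every word is drawn by the RNG rather than picked by a person, with the entropy of each computed so the two approaches can be compared. The word list is a constructed toy list, not a real diceware list.

```python
"""Random password / passphrase generation with entropy accounting.

Added illustration; not the original poster's script.
"""
import math
import secrets
import string

# Exact character set of the quoted pipeline: tr -cd 'a-zA-Z0-9_.,=@%^+-'
CHARSET = string.ascii_letters + string.digits + "_.,=@%^+-"   # 71 symbols

# Constructed toy word list (a real diceware list has 6^5 = 7776 words).
WORDLIST = ["apple", "bridge", "candle", "delta", "ember", "falcon",
            "garden", "harbor", "island", "jungle", "kettle", "lantern",
            "marble", "nectar", "orbit", "pepper"]
DICEWARE_WORDS = 7776


def random_password(length: int, charset: str = CHARSET) -> str:
    """Uniform draws from charset. secrets.choice rejects out-of-range
    draws, just as 'tr -cd' discards urandom bytes outside the set, so
    there is no modulo bias."""
    return "".join(secrets.choice(charset) for _ in range(length))


def random_passphrase(words: int, wordlist=WORDLIST, sep: str = " ") -> str:
    """Diceware style: the RNG picks every word, a human picks none."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of `length` independent uniform draws from `alphabet_size`.
    Only holds when the draws really are uniform and independent."""
    return length * math.log2(alphabet_size)


def min_length_for_bits(target_bits: float, alphabet_size: int) -> int:
    """Smallest number of symbols (or words) reaching target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


if __name__ == "__main__":
    print(random_password(21), entropy_bits(21, len(CHARSET)))
    print(random_passphrase(6), entropy_bits(6, len(WORDLIST)))
    # 128 bits needs 21 symbols from CHARSET, or 10 real diceware words.
    print(min_length_for_bits(128, len(CHARSET)),
          min_length_for_bits(128, DICEWARE_WORDS))
```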
