Hi I was looking at the wikipedia article on /dev/random and /dev/urandom, having previously not used them. The article linked to a paper that analyzed the cryptographic procedures of the /dev/random and /dev/urandom in linux. The main thing that I took out of paper and the wikipedia article was that there was a small concern about the lack of entropy available in /dev/random during installs and on livecds. If the key is generated right after a reboot, they may not be sufficiently random. I'm not sure, but this could be a thing to consider if keys are going to be generated early in the install procedure. Would anyone else consider this a concern?
P.S. Sorry if I sent this to someone twice, gmail only replies to the last writer and not the list. My apologies. > > On Tue, Sep 23, 2008 at 3:48 PM, Onno Benschop <[EMAIL PROTECTED]> wrote: > >> On 24/09/08 01:43, Dustin Kirkland wrote: >> > That said, let me throw out another perhaps more controversial >> > option... What if we didn't ask, and we just provided ~/Private >> > encrypted by default? If unspecified, the mount passphrase is >> > randomly generated from 128 bits of /dev/urandom. We can do that >> > completely entirely and reliably without adding a screen to the >> > installer, and provide the system administrator user a secure, >> > encrypted location to drop critical data by default on any Ubuntu >> > Server >> When I saw the previous posts come past I wondered if this wasn't a >> better option. Leading by example. >> >> I'm not familiar with how it's created, but could it be "built-in" as >> you suggest and be created when an account is made as part of the >> adduser process? >> >> Could the (initial) pass-phrase be the user's login password? >> >> >> -- >> Onno Benschop >> >> Connected via Optus B3 at S31°54'06" - E115°50'39" (Yokine, WA) >> -- >> ()/)/)() ..ASCII for Onno.. >> |>>? ..EBCDIC for Onno.. >> --- -. -. --- ..Morse for Onno.. >> >> ITmaze - ABN: 56 178 057 063 - ph: 04 1219 8888 - >> [EMAIL PROTECTED] >> >> >> >> -- >> ubuntu-server mailing list >> [email protected] >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >> More info: https://wiki.ubuntu.com/ServerTeam >> > >
-- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
