From owner-freebsd-doc@FreeBSD.ORG Mon Jun 12 04:10:22 2006 Return-Path: X-Original-To: freebsd-doc@hub.freebsd.org Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DE3116A418 for ; Mon, 12 Jun 2006 04:10:22 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6E9F43D46 for ; Mon, 12 Jun 2006 04:10:21 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k5C4ALi2074403 for ; Mon, 12 Jun 2006 04:10:21 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k5C4ALZO074401; Mon, 12 Jun 2006 04:10:21 GMT (envelope-from gnats) Resent-Date: Mon, 12 Jun 2006 04:10:21 GMT Resent-Message-Id: <200606120410.k5C4ALZO074401@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Ian Cognito Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8986F16A46F for ; Mon, 12 Jun 2006 04:09:18 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5600343D49 for ; Mon, 12 Jun 2006 04:09:18 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k5C49INS016041 for ; Mon, 12 Jun 2006 04:09:18 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id k5C49Ihg016040; Mon, 12 Jun 2006 04:09:18 GMT (envelope-from nobody) Message-Id: <200606120409.k5C49Ihg016040@www.freebsd.org> Date: Mon, 12 Jun 2006 04:09:18 GMT From: Ian Cognito To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: docs/98842: misc requests for gdbe X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jun 2006 04:10:22 -0000 >Number: 98842 >Category: docs >Synopsis: misc requests for gdbe >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Jun 12 04:10:20 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Ian Cognito >Release: 6.0 >Organization: >Environment: >Description: First, let me say gbde is fairly impressive, and my requests in no way constitute bashing it. In the documentation, it'd be nice if we had some idea of how much entropy the passphrase should contain to prevent it from being the weakest link in the security. The following ideas were taken from truecrypt. I haven't really thought through whether they buy us much, so take them as food for thought... It would be nice if we could specify a file on the filesystem which could be used in conjunction with the key to provide enough entropy for said pass phrase, and especially to be able to read it from a pipe (I do not know if gdbe can do this or not). Alternately it could be used in conjunction with the standard key mechanisms to create the sector keys, and so a passphrase alone is insufficient to gain access to plaintext. Either way it's sort of a cheap way of getting a lot of entropy out of a memorable passphrase, which tends to be somewhat weak alone (1-2 bits per letter). >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: