Date: Thu, 30 Jun 2005 17:51:13 -0400 From: Aaron Peterson <dopplecoder@gmail.com> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: GBDE - howto 2 factor auth? Message-ID: <45d750d2050630145161e52da6@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I've found a few placed where Poul-Henning Kamp mentions that gbde will accept any byte string as a passphrase and that the design of gbde also makes 2 factor authentication possible. I took that to understand that I might be able to use a file of random data from a usb key (something I have) and a text passphrase (something I know) to encrypt my partitions (which I also think Poul mentions somewhere). I can't find any documentation on how this might be accomplished though. The closest thing I've found was a mailing list message from a couple years ago where someone had written a script to collect the information and run it through md5 to create a single text string that could be used on the command line with gbde and the -P/-p switches.=20 With this md5 method, it seems (to my uneducated mind) that I'd be taking all the randomness in the file and my passphrase and turning it into a single fixed length string of lower case letters and numerals.=20 Seems like there would be a better way. Plus you're putting the completed passphrase on the commandline where it can potentially be seen/copied by ps, etc... Does anyone else know the way this was intended to work? Can I just pipe the contents of a file to gbde and then it still prompts me for text that it combines to use for my passphrase? That would be nice if it were that simple. Please help :-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45d750d2050630145161e52da6>