On Mon, Sep 8, 2008 at 1:03 AM, David Härdeman <[EMAIL PROTECTED]> wrote: > > crypto_wipe_device() will first setup a crypt-device using a random > passphrase, then write data to the crypted device. After that is done, the > crypt-device is unmounted and the key is effectively lost and > forgotten...the result should be indistinguishable from "truely" random data > for all practical purposes.
Many thanks for the fast reply. I completely misread what those lines did and am most grateful for your clear explanation. I would never have come up with this elegant way of wiping the disk. It makes a lot more sense to me than the various accounts I found of using the badblocks utility for that. If I may ask one more question, slightly tangential, just to check if I get it now: when I'm setting up a new crypt-device manually, it should be ok to wipe the disk *after* setting up the crypt_device with the actual passphrase we will be using with it later, is that right? Or would there still be any benefit in doing it beforehand with a temporary crypt-device with a different (perhaps random) passphrase? (If I understand well, the former should be fine assuming that there are no weaknesses in the encryption scheme). Thanks again, Yung-Chin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
