[Bug 243676] geom_eli geli: Erroneously accepts weak (short) keys

bugzilla-noreply Tue, 28 Jan 2020 09:24:21 -0800

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243676


            Bug ID: 243676
           Summary: geom_eli geli: Erroneously accepts weak (short) keys
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: b...@freebsd.org
          Reporter: c...@freebsd.org

Entropy is cheap.  We should reject keyfiles smaller than 256 bits at
initialization time.  At attach, we should clearly continue allowing people to
access their existing volumes, but maybe a warning would be appropriate? 
Today, GELI allows initialization with small and empty keyfiles (init -K,
attach -k).  These should be rejected.

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-bugs@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"

[Bug 243676] geom_eli geli: Erroneously accepts weak (short) keys

Reply via email to