On Sat, Mar 28, 2015 at 01:49:23PM +0100, pinguin74@gmx.com wrote:
On 27. März 2015 14:02:40 MEZ, Marcus Meissner <meissner@suse.de> wrote:
Hello,
I installed OpenSUSE 13.2 with the default YaST encryption settings. When examining the final product with "cryptsetup luksDump /dev/sda2" the encryption used was aes xts-plain-64 with a MK bits (key size) of 256 bits. Which is effectively 128 bits for XTS mode. There was no GUI way to change this in the installer.
Most of the other distributions (Debian Jessie, Fedora 21, Ubuntu 14, CentOS 7) are shipping with a default key size of 512 bits (effectively 256 bits) for aes xts-plain-64 in their installers.
Is this an omission in OpenSUSE or is there a policy for keeping system encryption at 256 (effectively 128) bits?
Apologies if I couldn't pinpoint a prior message about this in the
On Wed, Mar 25, 2015 at 02:41:17AM -0400, John Ashcroft wrote: list.
This is an omission.
Ciao, Marcus
Why don't you give us the option in YaST to chose the cipher and key length?
"you" is strangely worded. It would be whoever develops the yast2 storage module. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org