Hi,
When uncommenting ENCRYPTION=$DEFAULT_CIPHER in /etc/lbu/lbu.conf and
then committing I noticed this error:
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.
lbu should probably be updated to use a modern key derivation function
with a suitable number of rounds.
Thoughts?
I suppose changing it there would be the concern of backwards
compatibility.
If I remember correctly Cryptsetup 2.0 changed to Argon:
https://www.saout.de/pipermail/dm-crypt/2017-December/005771.html
I posted an issue about it on the bug tracker:
https://gitlab.alpinelinux.org/alpine/alpine-conf/-/issues/10457
However it was mentioned in #alpine-linux that I should also post it to
the devel mailing list for discussion.
--
Daniel Gray (dng) 0x41911F722B0F9AE3
https://social.privacytools.io/@dngray