cross-posted from: https://programming.dev/post/9319044
Hey,
I am planning to implement authenticated boot inspired from Pid Eins’ blog. I’ll be using pam mount for /home/user. I need to check integrity of all partitions.
I have been using luks+ext4 till now. I am
hesistanthesitant to switch to zfs/btrfs, afraid I might fuck up. A while back I accidently purged ‘/’ trying out timeshift which was my fault.Should I use zfs/btrfs for /home/user? As for root, I’m considering luks+(zfs/btrfs) to be restorable to blank state.
That’s what I said, lol. But he did claim he didn’t reuse the password, so who knows? He also could’ve used a very low number of iterations, making cracking the LUKS header feasible; the default is based on how many iterations your CPU can do in a certain amount of time, so a not-so-powerful laptop could be nerfing its own security.
Regardless, it can’t hurt to pick a more modern PKDF algorithm.