LUKS/Fedora question: Does anybody know if there is a way to increase the number of passphrase attempts to unlock the encrypted partition at boot before cryptsetup failure ?

#Linux #Fedora #LUKS #CryptSetup #GNOME

#linux #cryptsetup #luks are there any practices surrounding rotating the volume key using `cryptsetup reencrypt <cryptvolume>`?

IIUC, when the header is stolen it is possible to determine exactly which key/passphrase is the correct one. So by exfiltrating the header alone, one could theoretically start cracking. So reencrypting would prevent a stolen header from being useful for too long a long time afterwards.

Granted, it is a bit hypothetical. #security #encryption #confidentiality

They changed the default hash for plain mode in #cryptsetup

Had a lot of fun after upgrade.

Thanks.