I am changing the password of a truecrypt file container. This takes around 1 minute. Why?
time truecrypt --text --change /tmp/user1.tc --keyfiles= --new-keyfiles= --password=known --new-password=known --random-source=/dev/null"
If I use strace I see that it basically does not do anything: it simply reads lots of random data from /dev/urandom (even if i specified /dev/null as random source) and finally changes the password:
open("/dev/urandom", O_RDONLY) = 6
read(6, "\36&{\351\212\212\343\202\34\313\242\312I\326\235\245\224\300\354O)\270Q\200 \201J\227\224\311_\212\367"..., 640) = 640
close(6) = 0
Best Answer
Truecrypt is generating a new key to be associated with the new passphrase. In order to achice the random nature to generate a secure key, truecrypt samples many different sources over a little while(1min). It's necessary for a new secure key. Using /dev/null is not recomended! Hope this clears it up.