A key file is generated with -ck. -kon is used to affect a key file without password to an encrypted volume.
-ck ensures that you have a highly secure key file, because the whole content is (pseudo-)random. But you can of course use your own key file, as long as its content cannot be guessed.
In fact, the key file (up to 4KB) is directly passed to the scrypt function, exactly as it is for a password. So, cryptographically, using a password "xyz" is the same than passing a key file with "xyz" as content.
Last edit: v77 2016-10-15
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
there is a difference between using a file generated with -kon and any?
A key file is generated with -ck. -kon is used to affect a key file without password to an encrypted volume.
-ck ensures that you have a highly secure key file, because the whole content is (pseudo-)random. But you can of course use your own key file, as long as its content cannot be guessed.
In fact, the key file (up to 4KB) is directly passed to the scrypt function, exactly as it is for a password. So, cryptographically, using a password "xyz" is the same than passing a key file with "xyz" as content.
Last edit: v77 2016-10-15