[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unencrypted boot with encrypted root
From: |
Ludovic Courtès |
Subject: |
Re: Unencrypted boot with encrypted root |
Date: |
Tue, 07 Apr 2020 11:46:27 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Hi,
Ellen Papsch <address@hidden> skribis:
> Am Samstag, den 04.04.2020, 12:18 +0200 schrieb pelzflorian (Florian
> Pelz):
>> Could key files help in passing the passphrase on to the
>> Linux kernel? The Arch Wiki says this: [...]
>>
>
> The key file would be another means of decrypting the master key, if I
> understand LUKS correctly. It would be independent of the passphrase.
> (In LUKS terminology, two slots are used).
>
> It would definitely help usability not having to enter a passphrase
> twice. The GUI/TUI installer should take care generating the file and
> ensuring strict permissions, so user processes cannot read it. There is
> still some risk, because root processes could read it. If the installer
> would support an external medium for the file, that would be best
> (IMHO).
The difficulty is that any file traveling through the store is
world-readable. It’s hard to avoid.
Ludo’.
- Re: Unencrypted boot with encrypted root, (continued)
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/03
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/04
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/04
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/06
- Re: Unencrypted boot with encrypted root,
Ludovic Courtès <=
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/07
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/08
- Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08