Re: Unencrypted boot with encrypted root

From: Ellen Papsch
Subject: Re: Unencrypted boot with encrypted root
Date: Mon, 06 Apr 2020 14:00:04 +0200
User-agent: Evolution 3.34.1 (by

On Saturday, 04.04.2020, 12:18 +0200, wrote pelzflorian (Florian
> Could key files help in passing the passphrase on to the
> Linux kernel?  The Arch Wiki says this: [...]

The key file would be another means of decrypting the master key, if I
understand LUKS correctly. It would be independent of the passphrase.
(In LUKS terminology, two slots are used).

It would definitely help usability not having to enter a passphrase
twice. The GUI/TUI installer should take care of generating the file and
ensuring strict permissions, so user processes cannot read it. There is
still some risk, because root processes could read it. If the installer
would support an external medium for the file, that would be best.

Best regards
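
The key-file setup discussed in this message, sketched as an added example that is not part of the original thread or of any installer's code: the file is created under a tight umask, audited for strict permissions, and only then enrolled into an additional LUKS key slot. The function names, the 64-byte key size and the use of GNU `stat` are assumptions made for the example.

```shell
#!/bin/sh
# Added example; function names and the key size are assumptions.

# Create a random key file that is never readable by group/other, not even
# briefly: the umask is tightened before the file comes into existence.
make_keyfile() {
    keyfile=$1
    # Refuse to reuse an existing file: its old mode would be kept.
    [ ! -e "$keyfile" ] || return 1
    (
        umask 077
        head -c 64 /dev/urandom > "$keyfile"   # 64 bytes: arbitrary choice
    ) || return 1
    chmod 0400 "$keyfile"
}

# Return 0 only if the key file is a regular file (no symlink), owned by the
# expected uid (default 0, root) and readable/writable by the owner only.
check_keyfile() {
    keyfile=$1
    owner=${2:-0}
    [ -f "$keyfile" ] && [ ! -L "$keyfile" ] || return 1
    [ "$(stat -c '%u' "$keyfile")" = "$owner" ] || return 1
    case "$(stat -c '%a' "$keyfile")" in
        400|600) return 0 ;;
        *)       return 1 ;;
    esac
}

# Enroll the key file into a further LUKS key slot; the passphrase slot is
# left in place. Needs root and a real LUKS device; cryptsetup asks for an
# existing passphrase to unlock the master key.
enroll_keyfile() {
    device=$1
    keyfile=$2
    check_keyfile "$keyfile" || {
        echo "refusing: $keyfile has unsafe ownership or permissions" >&2
        return 1
    }
    cryptsetup luksAddKey "$device" "$keyfile"
}
```

As the message notes, these permissions keep unprivileged processes out but do nothing against a process running as root.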

