[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unencrypted boot with encrypted root
From: |
Ellen Papsch |
Subject: |
Re: Unencrypted boot with encrypted root |
Date: |
Mon, 06 Apr 2020 14:00:04 +0200 |
User-agent: |
Evolution 3.34.1 (by Flathub.org) |
Am Samstag, den 04.04.2020, 12:18 +0200 schrieb pelzflorian (Florian
Pelz):
> Could key files help in passing the passphrase on to the
> Linux kernel? The Arch Wiki says this: [...]
>
The key file would be another means of decrypting the master key, if I
understand LUKS correctly. It would be independent of the passphrase.
(In LUKS terminology, two slots are used).
It would definitely help usability not having to enter a passphrase
twice. The GUI/TUI installer should take care generating the file and
ensuring strict permissions, so user processes cannot read it. There is
still some risk, because root processes could read it. If the installer
would support an external medium for the file, that would be best
(IMHO).
Best regards
- Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/02
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/03
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/04
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/04
- Re: Unencrypted boot with encrypted root,
Ellen Papsch <=
- Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/07
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/08
- Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/08