Re: Unencrypted boot with encrypted root

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unencrypted boot with encrypted root

From:	Ellen Papsch
Subject:	Re: Unencrypted boot with encrypted root
Date:	Mon, 06 Apr 2020 14:00:04 +0200
User-agent:	Evolution 3.34.1 (by Flathub.org)

Am Samstag, den 04.04.2020, 12:18 +0200 schrieb pelzflorian (Florian
Pelz):
> Could key files help in passing the passphrase on to the
> Linux kernel?  The Arch Wiki says this: [...]
> 

The key file would be another means of decrypting the master key, if I
understand LUKS correctly. It would be independent of the passphrase.
(In LUKS terminology, two slots are used).

It would definitely help usability not having to enter a passphrase
twice. The GUI/TUI installer should take care generating the file and
ensuring strict permissions, so user processes cannot read it. There is
still some risk, because root processes could read it. If the installer
would support an external medium for the file, that would be best
(IMHO).

Best regards

[Prev in Thread]

Current Thread

[Next in Thread]

Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/02
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/03
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/03
  - Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/03
    - Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/03
    - Re: Unencrypted boot with encrypted root, Guillaume Le Vaillant, 2020/04/03
    - Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/04
  - Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/03
    - Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/04
    - Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/04
    - Re: Unencrypted boot with encrypted root, Ellen Papsch <=
    - Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
    - Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/07
    - Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
    - Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
    - Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/07
    - Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/07
    - Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
    - Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08
    - Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/08
    - Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/08

Prev by Date: Re: Syntax errors in latest guix-manual ru.po
Next by Date: Feedback guix-hurd-20200401.img with qemu
Previous by thread: Re: Unencrypted boot with encrypted root
Next by thread: Re: Unencrypted boot with encrypted root
Index(es):
- Date
- Thread