[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Unencrypted boot with encrypted root

From: Ellen Papsch
Subject: Re: Unencrypted boot with encrypted root
Date: Wed, 08 Apr 2020 14:37:39 +0200
User-agent: Evolution 3.34.1 (by

Am Dienstag, den 07.04.2020, 22:19 +0200 schrieb Ludovic Courtès:
> Ellen Papsch <address@hidden> skribis:
> Sure, but what happens when you reconfigure?  You still need to have
> that file around so it can be added to the initrd.

Does it really have to be added to initrd? From my other reply:

> These may be dangerous waters. The key file in initrd is like a house
> key under the mattress. A malicious process could look in the well
> defined place and exfiltrate the key. Think state trojan horses. A
> random name would not suffice, because other characteristics may help
> identifying the file (i.e. size).

> I think* Guix would burden itself too much with secrets. It's
> something for the user and the installer should just make it more
> convenient, with a nudge to a more secure setup. The key file should
> be stored in a user specified location, preferably a pen drive (which
> is otherwise not used). It can be removed, so no read can occur by
> arbitrary processes. A passphrase should be added as backup.
> (*) as non-guru

reconfigure would not have to touch the file at all, if it were a user
supplied file name. I'm aware other files are often put in the store by
references in operating-system (or inlined). The secrets file on the
other hand should just be assumed to be there. Initrd should try to
mount the drive.

Best regards

reply via email to

[Prev in Thread] Current Thread [Next in Thread]