Date: Thu, 15 May 2003 02:15:55 -0700
From: Terry Lambert <tlambert2@mindspring.com>
To: Narvi <narvi@haldjas.folklore.ee>
Cc: Stalker <stalker@ents.za.net>
Subject: Re: Crypted Disk Question
Message-ID: <3EC35ACB.BFA5DE86@mindspring.com>
References: <20030514214341.T40030-100000@haldjas.folklore.ee>

Narvi wrote:
> > The question boils down to "How does this automatic process know
> > it's you, and not someone else, turning on the computer?".
>
> Well, this is not entirely fair - a removed from server hard disk would in
> the scenario still remain locked and data inaccessible. Similarly, for the
> removal of the server, say using an iButton or USB drive or similar that
> is needed to unlock the data but would be kept separately.

Anything that doesn't require a human to intervene can be subverted.

If there are people with sufficient physical access to the disk
that it needs to have its contents encrypted in the first place,
then they have sufficient physical access to put a breakout
between the computer and any serial or USB or other dongle you
can name.

> You could say have an expect script watching the serial console output and
> enter the key.

And if you had sufficient physical access to the drive to be
able to read its raw data, then you have sufficient access to
capture the key entry by the other box by inserting a tap and
rebooting the box that needs the key on reboot.

> Another way would be having the server establishing a ssh
> session to a machine to get the key.

If the ssh is automatic, either because of symmetric key
distribution, or because your passphrase is blank... then,
again, it's easy to intercept the exchange. If it's safe
from this, then it requires a human to enter a passphrase,
and you are back to the original problem.

> it really depends on what kinds of reasons the encryption
> is being used for and what's the spectrum of allowable tradeoffs.

The only reason for an encrypted drive, since once you are
logged in, and have entered the password, the drive is not
crypted, is fear about someone else with physical access to
the drive.

-- Terry