Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 May 2003 22:12:01 +0300 (EEST)
From:      Narvi <narvi@haldjas.folklore.ee>
To:        Terry Lambert <tlambert2@mindspring.com>
Cc:        Stalker <stalker@ents.za.net>
Subject:   Re: Crypted Disk Question
Message-ID:  <20030514214341.T40030-100000@haldjas.folklore.ee>
In-Reply-To: <3EC1CFC4.368715F9@mindspring.com>

next in thread | previous in thread | raw e-mail | index | archive | help

On Tue, 13 May 2003, Terry Lambert wrote:

> Stalker wrote:
> > With encrypted disks, when you mount them it requires you to enter a
> > password, and im wondering if anyone has come up with a way that maintains
> > the security, but also automates the process of entering the password.
>
> You mean, so that if anyone who wanted to read your disk could
> just turn on your computer, and it would automate entering the
> password for them?
>
> 8-) 8-) 8-).
>
> The question boils down to "How does this automatic process know
> it's you, and not someone else, turning on the computer?".
>

Well, this is not entirely fair - a removed from server hard disk would in
the scenario still remain locked and data inacessible. Similarily, for the
removal of the server, say using an iButton or USB drive or similar that
is needed to unlock the data but would be kept separately.

You could say have an expect script watching the serial console output and
enter the key. Another way would be having the server establishing a ssh
session to a machine to get the key. it really depends on what kinds of
reasons the encryption is being used for and whats the spectrum of
allowable tradeoffs.

> Maybe it could have you enter a password... 8-) 8-O.
>
> -- Terry
>




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030514214341.T40030-100000>