Date: Sun, 9 Jan 2022 15:35:23 +0000 From: Steve O'Hara-Smith <steve@sohara.org> To: Valeri Galtsev <galtsev@kicp.uchicago.edu> Cc: questions@freebsd.org Subject: Re: entering geli passphrase only once at FreeBSD boot Message-ID: <20220109153523.5cdc554507c5d9966f4eb28e@sohara.org> In-Reply-To: <f84b37a9-eba2-8307-40bd-4c9a7700abf0@kicp.uchicago.edu> References: <CAKkGsYKyPt5OfYVH5L=83yqzeHvkyMaU6oZH_0WzRFrWRKsXSw@mail.gmail.com> <20220109102339.45932ef6cf6f42daa3a1871d@sohara.org> <CAOgwaMshquXn8NbotqPQNp22_wVw_aSiG476%2BYVNuTKMPB7eDQ@mail.gmail.com> <20220109145048.141b35831e07ad9fa8a73c66@sohara.org> <f84b37a9-eba2-8307-40bd-4c9a7700abf0@kicp.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 9 Jan 2022 10:20:59 -0500 Valeri Galtsev <galtsev@kicp.uchicago.edu> wrote: > If RFID chip is involved, part of "hiding" [secret] is to keep card with > RFID chip inside shielding sleeve. Or the guy with RF scanner standing > next to will easily read it. QR code and camera, typed password and shoulder surfer, fingerprint and wine glass ... same problem different spaces, the standard solutions are OTP and challenge/response neither of which is an option for geli passphrases unfortunately which leaves only "be careful". > PS My wallet has RF shielding foil inserts ;-) Mine too. -- Steve O'Hara-Smith <steve@sohara.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220109153523.5cdc554507c5d9966f4eb28e>