W. Michael Petullo wrote: > Pam_mount will read efsk from the local filesystem, perform > fsk = D_sk (efsk) and use fsk to mount the filesystem. If you change > your system password, simply regenerate efsk using efsk = E_sk (fsk). > > Does this technique appear to make sense from a security > point of view? The weak point here, as usual, is the strength of the password the user chooses. It's very likely much weaker than the efsk key. The only way to circumvent this is to store the user's key on some device, like a smartcard, so that the user does not have to remember a random, sufficiently long password. I wrote a pam_module that authenticates a user to the system by doing a RSA-challenge with an iButton (a smartcard). The iButton can also store a password to be used with an encrypted loop-back devices. I also included a mount option to the pam module. When given, the module also retrieves this password from the iButton during the authentication process and hands it over to other pam modules as the current authentication token. Your pam_mount module can then use this token to mount the loop-back device. My pam_iButton module can be found under: http://www-users.rwth-aachen.de/dierk.bolten/pam_ibutton.html Cheers, Dierk - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
