Encrypted root enhancement suggestion

Date: Sun, 11 May 2003 07:42:37 +0000

Hi, does placing a seed into the initrd.gz file mean that the only
way to read off this drive is to boot off it?  I ask because I'd
like to make it necessary to boot the hard drive and possibly allow
for the inclusion of "safety traps".  There's nothing that can be
done if the disk is simply mounted in another PC read-only.

The bootup password prompt could accept a few different passwords.
If forced, the user gives up a "safety trap" password.  This password
appears to decrypt fine, so the user is off the hook; however, this
password has been set up to run a different bootup script.  Possible
implementations could allow mounting a crafted fake root, or perhaps
simply running an "rm -rf" script.  I think something like this would
greatly improve the security of an encrypted hard drive solution.

Secondly, I'm not sure if the seed is easily recoverable from the
initrd.gz; I imagine it's probably plain (binary) text?  Perhaps we
could take the same approach as an ssh connection, where an initial
encrypted session is engaged before the real encrypted session is
initiated.

At the moment I have an RC script that echoes my password to losetup;
as long as my system is on, it's susceptible to unrelated rooting
exploits that could expose my precious encryption password (or
private key).

Brad.
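The "safety trap" dispatch described in the message above, as an added example that is not part of the original post or of any project's code: an initrd-side lookup that stores each enrolled passphrase only as a salted, iterated SHA-256 digest paired with the boot script it should trigger, so neither the real nor the trap passphrase sits on the disk in the clear. The salt, the iteration count, the passphrases, the script paths and the function names are all assumptions made for this example; the stretching loop is a stand-in for a proper KDF such as PBKDF2 or scrypt.

```shell
#!/bin/sh
# Added example, not from the original post. Two-passphrase boot dispatcher:
# one passphrase maps to the real init, the other to a "trap" init. Only
# salted, stretched digests are stored; plaintext passphrases never touch
# the disk. All values below are constructed for this demonstration.

# Portable SHA-256 hex digest of stdin (coreutils sha256sum or Perl shasum).
sha256_hex() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum | cut -d' ' -f1
    else
        shasum -a 256 | cut -d' ' -f1
    fi
}

# Stretch a passphrase: salt it, then re-hash ITER times. This is a cheap
# stand-in for a real KDF; the point is that the stored value is a digest,
# not the passphrase, and that guessing it costs more than one hash.
ITER=100
hash_pass() {
    # $1 = salt, $2 = passphrase
    h=$(printf '%s%s' "$1" "$2" | sha256_hex)
    i=0
    while [ "$i" -lt "$ITER" ]; do
        h=$(printf '%s%s' "$1" "$h" | sha256_hex)
        i=$((i + 1))
    done
    printf '%s' "$h"
}

# Assumed per-machine salt (a real one would be random and stored with the table).
SALT='c0ffee1234567890'

# Enrolment, run once at install time: emit one "digest script" line for
# the table that would be shipped inside the initrd. The real passphrase and
# the trap passphrase get identical-looking entries; nothing marks which is which.
enroll() {
    # $1 = passphrase, $2 = boot script to exec when it matches
    printf '%s %s\n' "$(hash_pass "$SALT" "$1")" "$2"
}

# Boot-time lookup: stretch the typed passphrase and return the matching
# script path, or nothing if no entry matches. Shell string comparison is
# not constant-time; a real initrd helper should compare digests in C.
lookup_boot_script() {
    # $1 = table text, $2 = typed passphrase
    want=$(hash_pass "$SALT" "$2")
    while read -r digest script; do
        if [ "$digest" = "$want" ]; then
            printf '%s' "$script"
            return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# Constructed demo table: one real passphrase, one trap passphrase.
TABLE=$(enroll 'correct horse' /init.real; enroll 'open sesame' /init.trap)

# What the initrd would do with each typed passphrase. The real script would
# exec the returned path (after setting up the loop device); here we only print it.
for p in 'correct horse' 'open sesame' 'wrong guess'; do
    printf '%-14s -> %s\n' "$p" "$(lookup_boot_script "$TABLE" "$p" || echo '(no match, refuse to boot)')"
done
```

Anyone who images the disk can still read this table out of the initrd and see that two entries exist, which is the same exposure the message raises for a seed kept in initrd.gz; the scheme hides which passphrase is the trap, not the fact that a trap is configured. A trap script that mounts a crafted fake root also has to be indistinguishable in timing and behaviour from the real one, which this dispatcher does not address.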


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

