Marc Schwartz wrote:

[snip]

> In simple terms, that is one of the advantages of LUKS over some of the
> other systems. You can add/delete/modify the user passphrases without
> having to de-crypt and re-encrypt the partition, since the encrypting
> key is unchanged.

I think we have to be very careful here about what the actual promise of LUKS is.

Let's /pretend/ I'm a terrible hacker and also possibly a thief. I got access to a computer with a LUKS disk and also got (temporarily) a passphrase to decrypt the LUKS disk.

IF the underlying block device is readable by me (a normal user), it's possible for me to make a backup of the /entire/ LUKS header. If the system was properly set up I would not have access to it [1], but let's say this is a flawed system.

I can then either steal the computer and then just insert the old LUKS header to which I have a passphrase, and decrypt the disk. OR, if the LUKS disk isn't that big, I can just make a copy of the underlying disk (without having access to its unencrypted contents), transfer it over the net and decrypt it with the replaced header I got from the LUKS.

Again this requires me to have read access to the underlying device.

[1] Check your user permissions for underlying LUKS devices.

--
Henrik Holst
It's the whole "fear of the unknown" that scares me right now.

---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
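The footnote above is the defender's side of this thread: the header-copy scenario only works if a non-root user can read the underlying block device. Below is an added example, not part of Henrik Holst's message or of the dm-crypt project, that turns that check into a small POSIX shell script. It takes `stat -c '%A %U %G %n'` style lines for the backing devices and flags any whose group or "other" read bit is set. The device lines in `SAMPLE_DEVS` are constructed for the example and do not describe any real system.

```shell
#!/bin/sh
# Added example (not from the original thread): flag block devices whose
# permission bits let users other than the owner read them, which is the
# precondition for copying a LUKS header as a normal user.
#
# Input format: one device per line, "<mode> <owner> <group> <path>", as
# produced by: stat -c '%A %U %G %n' /dev/sda2 ...
# The sample below is constructed for this example.
SAMPLE_DEVS='brw-rw---- root disk /dev/sda2
brw-rw-rw- root disk /dev/sdb1
brw------- root root /dev/nvme0n1p3
brw------- root root /dev/mapper/cryptroot'

# check_device_perms LINES
# Prints one "READABLE: <path> <mode>" line per offending device.
# Exit status 0 if nothing is flagged, 1 otherwise.
check_device_perms() {
    printf '%s\n' "$1" | awk '
        NF >= 4 {
            mode = $1; name = $4
            # mode string is "brwxrwxrwx": position 5 is the group read bit,
            # position 8 is the other read bit (1-indexed in awk substr).
            g = substr(mode, 5, 1); o = substr(mode, 8, 1)
            if (g == "r" || o == "r") { print "READABLE:", name, mode; bad++ }
        }
        END { exit (bad > 0) ? 1 : 0 }
    '
}

# count_readable LINES
# Same check, but prints only the number of flagged devices (for reports).
count_readable() {
    check_device_perms "$1" | grep -c '^READABLE:'
}

# Stand-alone usage: run the check on the constructed sample.
count_readable "$SAMPLE_DEVS"
```

On a live host the device list would come from the mapping itself, e.g. the `device:` line of `cryptsetup status <name>` fed to `stat -c '%A %U %G %n'`; group-readable devices matter only if non-root users are members of that group (commonly `disk`), so review the group membership alongside the flagged lines.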