Re: Stupid Question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Valerio Paris Mitritsakis <valerio@xxxxxxxxxxxxxx> writes:

> I am looking into the possibility of having an Ubuntu 8.04
> installation with an encrypted filesystem.  As it is supported out
> of the box I managed to get it up and running in no time. However
> what I would really need is the system to boot without prompting for
> a passphrase. I just want to prevent someone from unplugging the
> hard disk and mounting it on another machine. So far I have seen
> that this can be done with a USB Key with a key file however I do
> not want to use a USB Key.
>
> Is there any other way?

There are two ways to do this.  The first way is to store the password
in a file.  This method, however, has drawbacks, as you point out:

> I know that this would compromise security and probably kind of beat
> the purpose for what I would use LUKS however I want to prevent Joe
> Average and not Joe Hacker from reading my disk.

The other method, if you run Ubuntu or Debian, is to use the Mandos
system, which requests a password from a server on the local ethernet
network.  It's all encrypted in all sorts of ways; see the FAQ in the
latest README file for details:
http://bzr.fukt.bsnet.se/loggerhead/mandos/trunk/annotate/head:/README

The Mandos packages for Debian and Ubuntu are named "mandos-client"
and "mandos", and are available in Debian unstable right now, and also
- From the project home page, which also has documentation, etc:

http://www.fukt.bsnet.se/mandos

/Teddy Hogeborn, Mandos Developer

- -- 
The Mandos Project
http://www.fukt.bsnet.se/mandos
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJd8EzOWBmT5XqI90RAgaSAJ4j6ymPSLYwYIYfiHvRcdHaJ+dBJgCfdvr3
KNXapVGEQzgt1VnQaIiJQRA=
=siJU
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx



[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux