At Wed, 19 Aug 2009 16:54:24 +0200, octane indice wrote: > But every people I give the appliance will have the crypto key which crypt > and decrypt data. So, as a security point of view, it's not acceptable. I'm not shure at all if I understand correctly what you have in mind, but to unlock a LUKS/dmcrypt partition, you have to provide the correct passphrase/keyfile. If you do not, there is no way other than bruteforcing it or an attack towards the encryption itself. The master key itself stays fully encrypted. You can read more here: http://cryptsetup.googlecode.com/svn-history/r42/wiki/LUKS-standard/on-disk-format.pdf _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
