Re: Remote authentication?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 21/09/2009 Niall Murphy wrote:
> ----- Jonas Meurer <jonas@xxxxxxxxxxxxxxx> wrote:
> > it depends on whether you want to encrypt the whole system, including
> > root filesystem, or if encrypting the data partitions is enough.
> > 
> > for the latter case you can ssh-login into the machine after boot,
> > unlock the encrypted data partitions and start services manually.
> > 
> > in case that the root partition should be encrypted, you'll need to
> > start a minimal ssh daemon in the initramfs in order to login remotely
> > and unlock the root partition before the root filesystem is mounted.
> > 
> > the debian cryptsetup package supports remote unlocking of the root
> > partition with the help of a dropbear ssh server inside the initramfs.
> > see README.remote for more information:
> > http://svn.debian.org/wsvn/pkg-cryptsetup/cryptsetup/trunk/debian/README.remote
> > 
> > please note that this information is specific to the debian and ubuntu
> > distributions. it doesn't apply if you use any other linux distribution.
> > 
> Thanks Jonas,
> 
> That sounds ideal. However, i came across this so have some reservations.
> http://www.howtoforge.com/unlock-a-luks-encrypted-root-partition-via-ssh-on-ubuntu
> 
> It lists two types of attack to this approach:
> 
> (1) ColdBoot Attack by reading the crypto password from the ram blocks
> (not much you can't do against that without special hardware, see
> here)

this attack is possible against all kinds of disk encrpyption and in no
way related to remote disk encryption.

> (2) The created initrd can be manipulated so that it logs the crypto
> password somewhere. As /boot is not encrypted an attacker may gain
> this way the password for the LUKS-devices. You could, to prevent
> that, make a bootable cd with the according kernels and initrds and
> implement some kind of hash check... maybe there are other methods...
> feedback is welcomed here.

yes, unencrypted boot partition is a security issue, but then an
attacker as well can modify the kernel. attackers don't even have
to modify software, they could install additional hardware like
keyloggers as well. 
in general you can only trust your system if you've physical
control over it.

this again is not related/limited to remote disk encryption.

greetings,
 jonas

Attachment: signature.asc
Description: Digital signature

_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux