Hi all.
First, congrats to the coders that have made this available.
Second, a question from a newbie in dm-crypt.
THE QUESTION IN SHORT:
How do I boot a protected system but not having to type the key at any
point? It is an unattended system.
JUST A BIT MORE:
The PC runs our software, but is located in another place, with another
people who don't have to have access to the system itself, but need the
machine to be local there. We reach the system over a DSL, via ssh.
FULL DETAILS OF WHY I ASK THIS:
While I use Linux from a decade+ ago, I've never had the need to crypt
data on hard disks. Now I have a need, I initially though dm-crypt could
be the solution but I'm not sure of how to do a thing that maybe others
have already been exploring.
PROBLEM:
I sell radio advertising of third-party broadcasters. We are automating
all and radios put a PC on each studio and we control it remotely. It
is needed locally because it is from there where the audio-spots are
casted, but we control when and where remotely. The software to put in
their PC is Linux-based and is ours.
The radios are thousands of Km away and we do all on-line and by phone.
There are radios I've never seen in person.
What I do up to now is to release a bootable ISO, the radio downloads it
and burns a CD. Boots from CD and the installer formats, installs and
then boots from the HD. The radio must then insert their net
configuration and config their router so I can access the machine from a
DSL line over ssh.
Up to here, we have not used encription, because I trust very much the
people on the first stations I have had representation for.
Now we are growing. We have 46 stations from other owners. As the
station number increases, I start to loose control of what they do with
that software and I don't want they "copying" the HD to give it to
"friends" and another person building a business that compete with me
based on my own system.
I therefore thought to crypt the partitions. If radios give the full HD
to a friend... hey! doesn't matter, if their friends do not know the
passphrase, will not be able to read the contents even having a full-copy.
To avoid people entering into the live system, it does not have any
tty's avaiable (no one can log from the Keyboard) so no way to "run the
system and enter on it". The only way to copy our soft is to extract the
HD and plug into another computer as secondary, or boot that machine
from a liveCD.
SOLUTIONS I'VE BEEN THINKING BUT I DON'T SEE FOR CLEAR:
a) I thought of install dm-crypt and set some kind of "auto-mount". Of
course if passphrase is as simple as "blank", then no secret is there,
and for the "friend" it is easy to try and enter. This is not a
solution. A passphrase should be there.
b) Nevertheless, if I have a passphrase, -as that is in a REMOTE
location from me- I would have to ask the admins to insert the key by
hand, thus they would know it. They could give the phrase to their
friends. No sense. The passphrase must be secret (at least up to certain
point -ie: not "clearly known"-).
So if the system must boot, must have a passphrase and nobody has to
type it, only 3 solutions appear in my mind:
1) A script contains somewhere instructions with the plain-pass-phrase.
Although this difficults from "plugging and seeing content", this is not
too difficult to track or discover.
2) A script or binary-exe contains some kind of bainary version of the
phrase. Performs "mounting". While rigorously "crackable", it is not
"obvious". For a person knowing enough as to do this, can "crack" the
system, but probably a person having such knowledge would build a clone
of my system from scratch instead of intending to re-use it.
3) A script "queries" the passphrase to a central sever at the
boot-time. This way if they "copy" the HD, the pass is not ther. Of
course this has a hughe-big-disastrous disadvantage: If the "key-server"
(in our office) fails and the radio has to reboot that machine they will
not be able to boot. Even not having the passphrease on the HD, I really
dislike this method because of the dependencies.
THE QUESTION:
What do you reccomend?
Thanks to everybody for helping, and again to the coders/maintainters of
dm-crypt for the job done.
Xavi.
--
Xavier Montero - 93 589 71 91 - 630 59 01 62 - xmontero@xxxxxxxxxxxxxx
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
