Hi,
I am trying to configure my server to be able to be unlocked via ssh and dropbear. From the README.gz
I understand that I can issue the command:
ssh -o "UserKnownHostsFile=~/.ssh/known_hosts.initramfs" \
-i "~/id_rsa.initramfs" root@xxxxxxxxxxxxxxxxxxxxxxxxx \
"echo -ne \"secret\" >/lib/cryptsetup/passfifo"
What exactly will happen with the "secret" string? Will it be written to an unprotected part of a hard drive. If so
it may be retrieved by a careful investigation of that drive. From my non expert and humble opinion, a key (as
the "secret") should only be stored on RAM (and erased even from the RAM as soon as possible).
Even if only stored in the RAM, I guess that the "secret" string will be stored in the .bash_history file on the
computer from which the ssh-command was issued. I guess it is more recommended to log into the remote
computer and then issue ( cat > /lib/cryptsetup/passfifo --> "secret" --> CTRL+D, will that work?)
Best Regards
David
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
