Re: linux luks automatic boot with keyfile (INSECURE)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 05/24/2012 07:29 PM, Nuno Reis wrote:
I would like to ask you about the best choice to have one or two luks
encrypted partitions to boot automatically between reboots without me to
enter a pass-phrase.
I've made this already, but the way i'm doing it seems to be not very
secure since the keyfile is referenced in /etc/crypttab and the keyfile and
/etc/crypttab both reside on an unencrypted partition. If someone clones my
HDD and connect it to some other system will easily be able to mount the
unencrypted partitions and find the keyfile reference on /etc/crypttab to
get the keyfile and unencrypt the protected partitions right?
So basically my problem is that i want to sell a linux server with some
software i've developed to a datacenter (as an appliance), but i don't want
them to get to my software easily and i can't have a password prompt
between reboots also.
Can you point me out what you think would be the best solution for me?

If you want to protect software, perhaps you should consider a software protection dongle:

    http://en.wikipedia.org/wiki/Software_protection_dongle


HTH,

David
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux