Imagine you have servers with 24 bays and few root administrators. What is the chance of disk leakage, e.g. where a drive is being replaced with a new one under a warranty condition? With MooseFS (btw an excellent tool), LUKS, a passphrase on a crypto card/token and cryptsetup supporting pkcs11 you can format a disk using the token as storage and a two-factor authentication device. Am I thinking correctly? For backup you can add a second key (the same way or classic, just for backup) and sys admins never see the key(s). Using the now available methods (gnupg or pkcs11-data) you can easily modify scripts to dump the passphrase or keyfile. I want to minimize it.
You can use libraries if you worry about leakage from loose boundaries between different binaries and scripts.
cryptsetup ships with a library you can interface with [1], the two binaries you have mentioned also have libraries you can interface with, and most tokens ship with libraries that talk to the hardware too, or generic ones exist. Why not use the cryptsetup library and the library provided by the hardware and add some logic between them in your binary or library?
The library interface should be enough. Have you looked at it and determined it's not adequate? How is it not adequate if you have?
[1] http://wiki.cryptsetup.googlecode.com/git/API/index.html
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
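The single-binary approach suggested in the reply, as an added example that is not part of the original thread and is not code from the cryptsetup project: the secret is read from the token and handed to libcryptsetup inside one process, so no script or pipe ever carries it. The hook types, `unlock_with_token`, `luks_activate` and the `demo_*`/`dead_token` stand-ins are hypothetical names; the token reader would wrap whatever library the token vendor provides, and the libcryptsetup calls are compiled only with `-DUSE_LIBCRYPTSETUP`.

```c
/* Added example: token -> libcryptsetup inside one process (no scripts, no pipes). */
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
#ifdef USE_LIBCRYPTSETUP              /* build with -DUSE_LIBCRYPTSETUP -lcryptsetup */
#include <libcryptsetup.h>
#endif

/* Hypothetical hooks. read: fill buf from the token, return length or -1. */
typedef int (*token_read_fn)(unsigned char *buf, size_t cap);
typedef int (*activate_fn)(const char *dev, const char *name,
                           const unsigned char *key, size_t len);

static void wipe(void *p, size_t n) {          /* volatile: not optimised away */
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

#ifdef USE_LIBCRYPTSETUP
int luks_activate(const char *dev, const char *name,
                  const unsigned char *key, size_t len) {
    struct crypt_device *cd = NULL;
    int r = crypt_init(&cd, dev);
    if (r < 0) return r;
    r = crypt_load(cd, CRYPT_LUKS1, NULL);     /* read the LUKS header */
    if (r >= 0)
        r = crypt_activate_by_passphrase(cd, name, CRYPT_ANY_SLOT,
                                         (const char *)key, len, 0);
    crypt_free(cd);
    return r < 0 ? r : 0;                      /* success returns the slot number */
}
#endif

int unlock_with_token(const char *dev, const char *name,
                      token_read_fn read_token, activate_fn activate) {
    unsigned char secret[512];
    int locked = mlock(secret, sizeof secret) == 0;   /* keep it out of swap */
    int rc = -1;
    int len = read_token(secret, sizeof secret);
    if (len > 0 && (size_t)len <= sizeof secret)
        rc = activate(dev, name, secret, (size_t)len);
    wipe(secret, sizeof secret);                      /* on every path */
    if (locked) munlock(secret, sizeof secret);
    return rc;
}

/* Constructed stand-ins so the glue can be exercised without hardware. */
static size_t seen_len;
static int demo_token(unsigned char *b, size_t cap) { (void)cap; memcpy(b, "constructed!", 12); return 12; }
static int dead_token(unsigned char *b, size_t cap) { (void)b; (void)cap; return -1; }
static int demo_activate(const char *d, const char *n, const unsigned char *k, size_t l) {
    (void)d; (void)n; seen_len = l; return memcmp(k, "constructed!", 12) ? -1 : 0;
}
```

In a real build, pass `luks_activate` as the activation hook and a wrapper around the token library as the reader; an administrator with root on the host can still attach a debugger to the process, so this narrows the exposure rather than removing it.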