Hi guys, i want to create a map to my crypted diskbut, instead of putting the passkey every time, or using a pkcs11 (smart card), i want to get the passkey from a external server via networkin other words:1)place a new hard disk2)setup dm-crypt over disk3) mount disk using a external server like "https://www.host.com/get_passkey.php?UUID=xxxxx"anyone done something like it? or near it? maybe i'm talking about something that already exists
1. identify a LUKS based encrypted volume you want to unlock.
2. get the UUID of the encrypted volume
3. securely,get the key mapped to the UUID from another computer over the network
4. use the key to unlock the volume
5. mount the unlocked volume
6. ????
7. profit!!!
I have a project[1] that interfaces with cryptsetup and it has plugin architecture and can do the above when a plugin with the functionality is written.Source code for a plugin that get a key from gnome-keyring is here[1] so the plugin interface is simple enough. I envisioned making a plugin that does what you are thinking but never made one since i do not have a personal use case for it and nobody asked for it.
[1] http://code.google.com/p/zulucrypt/
[2] http://code.google.com/p/zulucrypt/source/browse/plugins/keyring/keyring.c
_______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt