On Thu, 2019-12-12 at 03:09 +0100, Kevin Kofler wrote:
> John M. Harris Jr wrote:
> > To clarify a bit, the most common method of extracting a key from a TPM
> > has been to simply desolder the TPM from the system and solder it onto
> > another system. This works with the popular implementations.
>
> Surely that is not a process that you want to advertise to end users!
>
> I stay by what I wrote: a TPM, or anything with the same security model, is
> not an acceptable place for a LUKS key token.

This is far from the original topic, but you make a baseless claim.

Like any other security feature, its successful (or not) use depends on the threat model and the use you make of it.

If you want to make sure that the hard drive *cannot* be used by plugging it into any random computer, using a TPM chip with LUKS is absolutely a good idea.

Of course, if you do not make external backups, then having a backup key added to LUKS that you store offline is definitely a good idea for recovery in case your TPM chip becomes unavailable for whatever reason.

> Either use a plain keyfile on
> a removable USB mass storage stick, or if that does not provide acceptable
> security in your setup, find another solution (such as a passphrase).

You are making a blanket statement about the security of a solution without any analysis of the requirements, uniquely on a personal and arbitrary distaste for a technology. That is not really useful; please refrain.

Simo.

--
Simo Sorce
RHEL Crypto Team
Red Hat, Inc
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
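The security model Simo describes (a LUKS key sealed to a TPM so the disk only opens on the platform it was enrolled on, plus an offline backup passphrase slot for recovery) can be illustrated with a small simulation. The code below is an added example written for this page; it is not part of the email thread, not clevis, systemd-cryptenroll or any real TPM library. `ToyTPM`, `ToyLuksVolume` and the XOR-plus-HMAC wrapping are constructed stand-ins: a real TPM2 sealing policy and the real LUKS2 keyslot format are considerably more involved. What it does show is the defender's point of the argument: the sealed blob is useless without both the chip's internal seed and the same PCR measurements, and the separately enrolled passphrase slot still opens the volume when the TPM path is gone.

```python
"""Toy model of a LUKS volume with a TPM-sealed slot and a passphrase slot.

Constructed illustration only (not real TPM or LUKS code). Sealing is modelled
as an HMAC over a per-chip secret and the PCR digest; the result wraps the
volume master key with a keystream plus an HMAC tag so that failed unsealing
is detected instead of yielding garbage.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32


def pcr_digest(pcrs):
    """Fold the PCR bank into a single digest (the platform state the key is bound to)."""
    h = hashlib.sha256()
    for value in pcrs:
        h.update(value)
    return h.digest()


def _wrap(key, master):
    """Toy authenticated wrapping: keystream XOR plus an HMAC tag."""
    stream = hashlib.sha256(b"wrap" + key).digest()
    ciphertext = bytes(a ^ b for a, b in zip(master, stream))
    tag = hmac.new(key, ciphertext, "sha256").digest()
    return ciphertext + tag


def _unwrap(key, blob):
    """Return the master key, or None when the tag does not verify under this key."""
    ciphertext, tag = blob[:KEY_LEN], blob[KEY_LEN:]
    expected = hmac.new(key, ciphertext, "sha256").digest()
    if not hmac.compare_digest(expected, tag):
        return None
    stream = hashlib.sha256(b"wrap" + key).digest()
    return bytes(a ^ b for a, b in zip(ciphertext, stream))


class ToyTPM:
    """Hypothetical chip: a secret seed that never leaves it, plus a PCR bank."""

    def __init__(self, pcrs):
        self._seed = secrets.token_bytes(KEY_LEN)
        self.pcrs = list(pcrs)

    def _policy_key(self):
        # The wrapping key depends on the chip seed AND the current PCR values,
        # so the same blob only unseals on the same chip in the same state.
        return hmac.new(self._seed, pcr_digest(self.pcrs), "sha256").digest()

    def seal(self, master):
        return _wrap(self._policy_key(), master)

    def unseal(self, blob):
        return _unwrap(self._policy_key(), blob)


class ToyLuksVolume:
    """Hypothetical volume: one master key, several independent keyslots."""

    def __init__(self):
        self.master_key = secrets.token_bytes(KEY_LEN)
        self.slots = {}

    def enroll_tpm(self, tpm):
        # The sealed blob lives on disk (like a LUKS2 token); the chip keeps only the seed.
        self.slots["tpm"] = tpm.seal(self.master_key)

    def enroll_passphrase(self, passphrase):
        # The offline backup slot: derive a slot key from the passphrase with PBKDF2.
        salt = secrets.token_bytes(16)
        key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, KEY_LEN)
        self.slots["passphrase"] = (salt, _wrap(key, self.master_key))

    def unlock_with_tpm(self, tpm):
        blob = self.slots.get("tpm")
        return None if blob is None else tpm.unseal(blob)

    def unlock_with_passphrase(self, passphrase):
        entry = self.slots.get("passphrase")
        if entry is None:
            return None
        salt, blob = entry
        key = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000, KEY_LEN)
        return _unwrap(key, blob)


def scenario():
    """Enroll both slots, then try the unlock paths a defender cares about."""
    boot_state = [b"firmware-A", b"bootloader-A", b"kernel-A"]  # constructed PCR values
    chip = ToyTPM(boot_state)
    vol = ToyLuksVolume()
    vol.enroll_tpm(chip)
    vol.enroll_passphrase("correct horse battery staple")  # constructed backup passphrase

    results = {"same_platform": vol.unlock_with_tpm(chip) == vol.master_key}
    chip.pcrs[1] = b"bootloader-B"  # platform state changed: policy no longer matches
    results["changed_pcrs"] = vol.unlock_with_tpm(chip) is None
    other_chip = ToyTPM(boot_state)  # same measurements, different chip seed
    results["other_chip"] = vol.unlock_with_tpm(other_chip) is None
    results["backup_passphrase"] = vol.unlock_with_passphrase("correct horse battery staple") == vol.master_key
    results["wrong_passphrase"] = vol.unlock_with_passphrase("guess") is None
    return results


if __name__ == "__main__":
    for name, ok in scenario().items():
        print(f"{name}: {'as expected' if ok else 'UNEXPECTED'}")
```

The two failure cases in `scenario()` are the point of the thread: the TPM slot is bound to a specific chip and a specific measured boot state, which is exactly the property wanted against "plug the drive into any random computer", and the passphrase slot is what keeps the volume recoverable when that binding is lost.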