[dm-crypt] passkey over network
.. ink ..
mhogomchungu at gmail.com
Mon Jul 1 18:56:40 CEST 2013
> That means this whole scheme is about as secure as a locally stored
> passphrase, i.e. not secure at all. The only benefit a remotely
> stored passphrase has, is that if you take down the remote server
> _before_ the local machine is compromised and when the local volume
> is _not_ decrypted, you can deny the unlock. If the local machine
> is compromised while the remote server is running, or while the
> encrypted volume is mounted, the attacker gets everything. If
> the local machine is not compromised, you do not even need encryption
> to be secure.
> With that, I have the impression that the security model of this
> is fundamentally broken on a conceptual level.
if you have one static host that gets keys from one static server,then the
passwordless ssh method seem obvious but its pointlessness will shortly be
realized.To access the key from a different host machine,the private key
must be sent to the different host and the server,through other means,must
be informed of the new host and hence it seem pointless since the private
key could instead be used as a passphrase to unlock the volume or to unlock
a key protected keyfile.
There is another reason why such a setup could be useful and that is
convenience from centralization of keys.
I dont manage my luks keys individually,i have them in kwallet and access
them through it.I have a bunch of luks volumes and i dont need to remember
their individual keys as all i need is the key to unlock kwallet.
His use case could be the same,only he want to access a wallet that is not
on a local machine,but on a remote one so that he could smoothly switch
between devices he own and have access to his volumes keys through a single
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt