[dm-crypt] passkey over network
roberto at spadim.com.br
Mon Jul 1 01:53:21 CEST 2013
in my case it's a server, in any place in the world, and the https server
that will send the key, is a server in my house or somewhere that i can
in other words, others servers only can use the disk if i say what's the
passkey, without my passkey no mount exists
i will read your links, and understand what could be done
any others ideas?
2013/6/30 .. ink .. <mhogomchungu at gmail.com>
> Hi guys, i want to create a map to my crypted disk
>> but, instead of putting the passkey every time, or using a pkcs11 (smart
>> card), i want to get the passkey from a external server via network
>> in other words:
>> 1)place a new hard disk
>> 2)setup dm-crypt over disk
>> 3) mount disk using a external server like "
>> anyone done something like it? or near it? maybe i'm talking about
>> something that already exists
> I think the proper steps would be
> 1. identify a LUKS based encrypted volume you want to unlock.
> 2. get the UUID of the encrypted volume
> 3. securely,get the key mapped to the UUID from another computer over the
> 4. use the key to unlock the volume
> 5. mount the unlocked volume
> 6. ????
> 7. profit!!!
> I have a project that interfaces with cryptsetup and it has plugin
> architecture and can do the above when a plugin with the functionality is
> written.Source code for a plugin that get a key from gnome-keyring is
> here so the plugin interface is simple enough. I envisioned making a
> plugin that does what you are thinking but never made one since i do not
> have a personal use case for it and nobody asked for it.
>  http://code.google.com/p/zulucrypt/
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dm-crypt