On Thu, Oct 24, 2019 at 10:44 AM List <list@md5collisions.eu> wrote:
>
> One would obviously NOT store the key on harddisk. That wouldn't make
> any sense and is not necessary.
>
> This could be similarly achieved as the normal FDE with passphrase. But
> instead of the actual harddisk as target, the target of the "yet to
> implement" encryption of the keydisk would be the key on the keydisk
> itself.
>
So how would the system access the key if it's encrypted?
> g
>
> On 2019-10-22 23:40, Aaron Mason wrote:
> > On Wed, Oct 23, 2019 at 5:11 AM List <list@md5collisions.eu> wrote:
> >> I'm sorry I might have not been so clear about it. I meant a way to
> >> encrypt the actual keydisk with a passphrase.
> >>
> >> On 2019-10-18 13:34, Jan Stary wrote:
> >>>>> On Wednesday, October 16, 2019 11:06 PM, List <list@md5collisions.eu> wrote:
> >>>>>> I was wondering if there is a reason for the lack of keydisk encryption.
> >>> $ man bioctl
> >>> # bioctl -h -v -c C ...
> >>>
> > To what end? At some point you're going to have to store the
> > passphrase somewhere it can be easily read, and all you've really
> > achieved is a way to, at best, slow down a potential attacker.
> >
>
--
Aaron Mason - Programmer, open source addict
I've taken my software vows - for beta or for worse
No comments:
Post a Comment