On Sun, May 26, 2024 at 08:33:59PM +0100, 04-psyche.totter@icloud.com wrote:
>Hi everyone,
>
>Is there any way to use disk encryption without having physical access to the device?
>
You could use a USB keydisk (make sure you, and your assistant on the
remote server, have copious backup(s) of
this!) as an encryption device, as per this document:
https://www.openbsd.org/faq/faq14.html#softraidFDE
Cheers
Ampie
>A few potential ideas:
>- is there a way to enter the encryption passphrase via ssh?
>- is there a way to create a non encrypted partition on the same hard drive, where the keydisk would be stored, and automatically used? (For various reasons, an external usb key is not feasible). And yes, I realize this would weaken the security significantly, but I'd still like to know if it's feasible?
>
>My guess is that it's not possible, but I wanted to ask to make sure.
>
>Cheers,
>Jake
No comments:
Post a Comment