[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: root fs/crypted

On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
> On Wed, May 30, 2001 at 01:08:21AM -0700, paul@ulink.net wrote:
> > Couldn't you say something like "I'm so sorry, I can't remember the pass
> > phrase, my mind has failed me...etc?"
> What about a more provable approach: 
> The passphrase could be changed automatically on every system
> boot, and the new passphrase could be written to a floppy disk
> on a clean shutdown (which, of course, is only possible with
> the root password).
> So if the police takes the computer and doesn't do the clean
> shutdown (how could they?), you can tell them: Sorry folks,
> you just destroyed the possibility to get any data from that computer...
> This, of course, means that you lose your data if the computer 
> crashes. 

if there would be two keys to the system (the way i described in
my original posting) the user key could be written to disc
only on clean shutdown. so if the system is unplugged by law
enforcement, the key you know is unusable. under truth serums
are whatever you can rightfully assert you don't know the key.
(you don't know the alternative random generated key either,
but you know it's behind the bookshelf written on a piece 
of paper). 

but that belongs to debian-legal.


Reply to: