[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: encrpyt harddrive without passphrase/userinput

Mario Ohnewald wrote:
> Hi Horst
> 
> On Sun, 2006-02-26 at 22:23 +0100, Horst Pflugstaedt wrote:
> > On Sun, Feb 26, 2006 at 10:11:44PM +0100, Mario Ohnewald wrote:
> > > Hello security list!
> > > 
> > > I would like to secure the harddrive/partitions of linux box.
> > > 
> > > The whole setup must fulfill the following requirements:
> > > 
> > > a) it must be able to boot (remotely) without userinput/passphrase
> > > b) the importtant partitions such as /etc, /var, /usr and /home must be
> > > encrypted/protected.
> > 
> > I just ask myself why you bother encrypting a filesystem that will be
> > accessible to anyone having access to the machine since it boots without
> > password?

> It boots with grub and pam/unix password.
Grub wount protect you, someone with physical access can still just boot
from a cd and change your grub passwd, or do you intend to patch grub so
it can read /boot/grub/menu.list from a encrypted fs.


// my 2 öre
// Gustaf
Reply to: