Re: Discussion about backup passwords for LUKS encrypted filesystems before revising wiki
Roberto,
Thanks for the reply!
Good points, both of them. I might (or might not) add your use case (the
multiple user case) to the wiki as it sounds like a more plausible need.
On Tuesday, December 22, 2020 12:34:12 PM Roberto C. Sánchez wrote:
> On Tue, Dec 22, 2020 at 12:11:19PM -0500, rhkramer@gmail.com wrote:
> > My point is this: I think creating and saving backup passwords is of
> > minimal value.
>
> Maybe to you as a single user. However, I have worked in places where
> resources are protected by multiple passwords. For instance there was a
> "normal" password given to the admins (or users, as the case may be) and
> a backup password was kept locked in a safe. The backup password could
> be used if there was some sort of emergency where for some reason those
> who would normally have the password were not available. (Think
> disaster recovery.)
>
> Based on the content in the wiki it seems appropriate to inform the
> reader of the presence of the ability to store multiple passwords which
> can unlock an encrypted device.
>
> > Far more important (but not mentioned) is making and keeping backup
> > copies of your encrypted data (possibly not encrypted but stored in a
> > bank vault ;-), yet that is not mentioned.
>
> It probably is not mentioned since backups are not something which are
> unique to encrypted devices. A general reminder would not be wrong or
> bad, but it would seem out of place to me. I mean, we could also add
> reminders to make sure the firewall is up to date, secured, and enabled
> or to have SMART enabled and configured to send alerts if a HDD begins
> to exhibit symptoms of a potential failure.
>
> Regards,
>
> -Roberto
Reply to: