[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unencrypted boot with encrypted root
From: |
Ellen Papsch |
Subject: |
Re: Unencrypted boot with encrypted root |
Date: |
Tue, 07 Apr 2020 13:34:24 +0200 |
User-agent: |
Evolution 3.34.1 (by Flathub.org) |
Hi,
Am Dienstag, den 07.04.2020, 11:46 +0200 schrieb Ludovic Courtès:
> Hi,
>
> Ellen Papsch <address@hidden> skribis:
>
> > Am Samstag, den 04.04.2020, 12:18 +0200 schrieb pelzflorian
> > (Florian
> > Pelz):
> > > Could key files help in passing the passphrase on to the
> > > Linux kernel? The Arch Wiki says this: [...]
> > >
> >
> > If the installer would support an external medium for the file,
> > that would be best (IMHO).
>
> The difficulty is that any file traveling through the store is
> world-readable. It’s hard to avoid.
>
Does it have to go through the store? I imagine key generation would be
done by the installer, not guix system init. That would be much in the
same way that the installer creates partitions, while system init (or
reconfigure) doesn't touch partitions, only uses existing references.
In that sense, the installer would create the file from /dev/random or
urandom and place the reference in operating-system.
It would also allow manual installations to retain flexibility
configuring encryption.
Best regards
- Re: Unencrypted boot with encrypted root, (continued)
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/03
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/04
- Re: Unencrypted boot with encrypted root, pelzflorian (Florian Pelz), 2020/04/04
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/06
- Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
- Re: Unencrypted boot with encrypted root,
Ellen Papsch <=
- Re: Unencrypted boot with encrypted root, Ludovic Courtès, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/07
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/07
- Re: Unencrypted boot with encrypted root, Ellen Papsch, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08
- Re: Unencrypted boot with encrypted root, Vagrant Cascadian, 2020/04/08
- Re: Unencrypted boot with encrypted root, Pierre Neidhardt, 2020/04/08
- Re: Unencrypted boot with encrypted root, Alex Griffin, 2020/04/08