On Sun, 9 Feb 2003, Dave Howe wrote:

> Jim Choate wrote:
> > Yes, it can mount the partition. That isn't the problem. The problem
> > is that for lilo to do this it has to have access to the key in
> > plaintext. That makes the entire exercise moot.
> not if you have to type it every time.

Then I'd say lilo isn't mounting it, you are. But you get the gist, either the key is there in plaintext or somebody who knows it is. That is a -very- limited application area for computers and encryption.

> if you take that as criteria, then *all* encryption is moot, as I can't
> think of any you don't have to supply a key or passphrase for.

Not at all, it simply means that encryption is not the solution for -stand alone- applications (at least not at the state of encryption and hardware today).

In my mind the utility of encryption on a machine is questionable unless that machine can reboot and recover -without intervention and without needing a plaintext key-. Only when that state can be achieved will encryption offer the sort of security many of us are looking for.

One of the extensions that I'm looking at in Plan 9 is a mechanism to use the distributed process and name space as a mechanism to do something about this. It may be possible to get a server to boot an encrypted partition without ever passing the actual key (Plan 9 uses a token ala kerberos - but it's not kerberos).

> you could also have lilo look at a dongle (a usb drive, say) for its key.

Same problem, the key has to be on the dongle in the clear. Several years ago the Austin Cypherpunks ran a mixmaster remailer for several months and we used a floppy to do this sort of stuff. If you have the floppy you have the system.

--
____________________________________________________________________

We are all interested in the future for that is where you and I
are going to spend the rest of our lives.

Criswell, "Plan 9 from Outer Space"

[EMAIL PROTECTED] [EMAIL PROTECTED]
www.ssz.com www.open-forge.org
--------------------------------------------------------------------