This might be a good time to get your hands dirty :) A combination of dd / wireshark / tcpdump should revile the answers you need!
2011/6/9 Γιώργος Πάλλας <gp...@ccf.auth.gr> > A tough one (for me)! > > I use iSCSI (with CHAP authentication) to get a remote device over an > insecure network, then I unlock the LUKS volume and finally I mount the > ext4 FS. > How (in)secure is that? > > Data I miss: > 1. CHAP encrypts the iSCSI authentication password, but the actual iSCSI > data go over the link unencrypted obviously, yes? > 2. When I unlock the LUKS volume using a key file, this key file is > transmitted over the link, or not? > 3. The actual ext4 data go over the link encrypted or not? > > My pretty educated guesses are: > 2. it does not get transmitted, > 3. the data data is transmitted encrypted > 1. yes, but we don't care because of 2. and 3. > > any idea how things really are? > > thanks! > G. Pallas > > >