Re: thefts and encrypted FS (Re: what dose this do)
Jeroen de Haas <[EMAIL PROTECTED]> writes: > How many thieves would be comfortable with using Linux and > network manager to connect to a network? I don't use NetworkManager. The fact that it doesn't bring up networks till someone logs in is too stupid for words. (For one, my preferred login when I'm on the local net is one that uses my NFS-mounted home directory. That is impossible using NM, since it can't bring up the network until you log in and you can't log in till the network is up.) > Besides, they would still need to have a user account on the laptop. I'm sure they'll eventually decide they can't log in and install the OS of their choice. I'm hoping that in the meantime they'll boot it at least once while on the net and I'll have their IP. On the other hand, I guess I could create a guest account password guest and leave that info written on a piece of tape stuck to the computer. (Obviously I'd have to make sure ssh and other services can't log in using that account remotely.) -wolfgang -- Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only) You may need to config 6to4 to see the above pages. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tim wrote: > Nah, hideously painful, slow acting, poison gas. what? you want to be merciful to someone who steels your laptop? - -- tc,hago. g . in a free world without fences, who needs gates. learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org iD8DBQFI36BJ+C4Bj9Rkw/wRAlk8AJ9wtVZTH8C3yiEmNqvtHbU5AxuAuwCaA8c7 R8B52dRG9UH4/zutFuO8INM= =dpmM -END PGP SIGNATURE- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
On Sun, 2008-09-28 at 14:25 +, g wrote: > i still think best way is a 'mission impossible' self > destruct with a c4 charge. ;-) Nah, hideously painful, slow acting, poison gas. -- [EMAIL PROTECTED] ~]$ uname -r 2.6.26.3-29.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wolfgang S. Rupprecht wrote: > Thanks for the tip on adeona. I'll look at it to see what other > tricks I could be using to make tracking easier. it is an interesting and effective way of doing things. yet like any and all possible ways, it does depend on drive not being wiped and an internet connection. i still think best way is a 'mission impossible' self destruct with a c4 charge. ;-) - -- tc,hago. g . in a free world without fences, who needs gates. learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org iD8DBQFI35Pu+C4Bj9Rkw/wRAn10AJ9EXBHQbFymQc89uZVoxU+yE1QlagCgwtcK pywcvXE0oSo9srLJhs4JmJs= =+gK+ -END PGP SIGNATURE- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
On Sat, 2008-09-27 at 11:06 -0700, Wolfgang S. Rupprecht wrote: > > Short answer: It'll make it very hard for people with physical access to > > boot your computer and read personal files (possibly containing > > passwords or other sensitive information). > > True, but that will also make it hard for the laptop to call home for > help if it gets stolen. Just something to think about. > > After fretting about this for a while, I decided it was more important > for the laptop to boot than for it to have everything encrypted. I > want my laptop to boot and contact my server so that I can see which > IP address it has popped up at. I'm sure the detectives at my local > police station would be interested too. They don't often get to catch > thieves red-handed like that. Most thefts around here go unsolved. > > I was too disorganized when I installed F9 to break /home out into a > separate filesystem. If I had done that I could have encrypted /home > yet left the root FS intact. Come to think of it, I do have > everything under LVM, so I suppose I could still break out /home and > encrypt the user stuff. > > -wolfgang > -- > Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only) > You may need to config 6to4 to see the above pages. > That is an interesting thought. I like the idea of letting my laptop contact my server. However, I wonder how it will work out in a real life situation. How many thieves would be comfortable with using Linux and network manager to connect to a network? Besides, they would still need to have a user account on the laptop. Eventually the thief could succeed, but I doubt whether he/she will go through all the trouble. I think it is wise to encrypt more than just your home partition. Swap-, /etc and /tmp partitions will probably contain some personal information as well. Jeroen -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
g <[EMAIL PROTECTED]> writes: > are you using http://adeona.cs.washington.edu/index.html ? > or do you have another 'call home' site? I'm using my own desktop system to log the IP and using a periodic wget(1) call from the init scripts, cron, and dhclient to access a non-linked web page on my machine. Thanks for the tip on adeona. I'll look at it to see what other tricks I could be using to make tracking easier. -wolfgang -- Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only) You may need to config 6to4 to see the above pages. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: thefts and encrypted FS (Re: what dose this do)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wolfgang S. Rupprecht wrote: > True, but that will also make it hard for the laptop to call home for > help if it gets stolen. Just something to think about. are you using http://adeona.cs.washington.edu/index.html ? or do you have another 'call home' site? ria, i noted above address in a post a while back and recommended it to several i know using laptops. - -- tc,hago. g . in a free world without fences, who needs gates. learn linux: 'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html.gz 'The Linux Documentation Project' http://www.tldp.org/ 'HowtoForge' http://howtoforge.com/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org iD8DBQFI3onD+C4Bj9Rkw/wRAuS0AJ42c5kXMzybvUZNPyKqW1LmKBvh3wCgnC9X aGurvrKIzxONpNUeoiHBc9U= =PEoX -END PGP SIGNATURE- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
thefts and encrypted FS (Re: what dose this do)
> Short answer: It'll make it very hard for people with physical access to > boot your computer and read personal files (possibly containing > passwords or other sensitive information). True, but that will also make it hard for the laptop to call home for help if it gets stolen. Just something to think about. After fretting about this for a while, I decided it was more important for the laptop to boot than for it to have everything encrypted. I want my laptop to boot and contact my server so that I can see which IP address it has popped up at. I'm sure the detectives at my local police station would be interested too. They don't often get to catch thieves red-handed like that. Most thefts around here go unsolved. I was too disorganized when I installed F9 to break /home out into a separate filesystem. If I had done that I could have encrypted /home yet left the root FS intact. Come to think of it, I do have everything under LVM, so I suppose I could still break out /home and encrypt the user stuff. -wolfgang -- Wolfgang S. Rupprecht http://www.full-steam.org/ (ipv6-only) You may need to config 6to4 to see the above pages. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: what dose this do
On Sat, 2008-09-27 at 10:03 -0400, William Biggs wrote: > when I installed fedora 9 I seen I can encryption system what dose that > do ? Short answer: It'll make it very hard for people with physical access to boot your computer and read personal files (possibly containing passwords or other sensitive information). You pick a pass phrase which is used to encrypt most of the data on your hard disk. By default, all Linux partitions except /boot are encrypted. When you turn your computer on, you will be asked to enter your pass phrase. Using the correct pass phrase, Linux can decrypt and read the data. If your computer is powered off and someone else tries to access your files, he/she will not succeed as he/she does not know the pass phrase. Here is a quick example showing why this is useful. Suppose you have a laptop and it is stolen. At least, you now know that it will be very hard for the thief to access your files. The thief will not be able to read/use any information without the pass phrase. I hope this clarifies things a bit, Jeroen -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
