On Fri, Oct 25, 2019 at 12:20 PM Normen Wohner wrote:
>
>
>
> > Am 24.10.2019 um 03:27 schrieb Aaron Mason :
> >
> > On Wed, Oct 23, 2019 at 7:45 PM Normen Wohner wrote:
> >>
> >> To enable two factor encryption?
> >> One passcode is in his head the other on a key.
> >> If either is missing the
> Am 24.10.2019 um 03:27 schrieb Aaron Mason :
>
> On Wed, Oct 23, 2019 at 7:45 PM Normen Wohner wrote:
>>
>> To enable two factor encryption?
>> One passcode is in his head the other on a key.
>> If either is missing the data on drive is unreadable.
>> I don’t know what is hard to
So answering your forwarded Mail Thread.
What's the reason ?
Because your diskencryption stands and falls with the complexity of your
passphrase. And if you were able to use a keydisk to encrypt your
harddrive it would be WAY harder to bruteforce your keydisk rather than
your passphrase.
This
On Thu, Oct 24, 2019 at 10:44 AM List wrote:
>
> One would obviously NOT store the key on harddisk. That wouldn't make
> any sense and is not necessary.
>
> This could be similarly achieved as the normal FDE with passphrase. But
> instead of the actual harddisk as target, the target of the "yet
On Wed, Oct 23, 2019 at 7:45 PM Normen Wohner wrote:
>
> To enable two factor encryption?
> One passcode is in his head the other on a key.
> If either is missing the data on drive is unreadable.
> I don’t know what is hard to understand about it.
> In an ideal world you’d use the manual passcode
One would obviously NOT store the key on harddisk. That wouldn't make
any sense and is not necessary.
This could be similarly achieved as the normal FDE with passphrase. But
instead of the actual harddisk as target, the target of the "yet to
implement" encryption of the keydisk would be the key
On Wed, Oct 23, 2019 at 5:11 AM List wrote:
>
> I'm sorry I might have not been so clear about it. I meant a way to
> encrypt the actual keydisk with a passphrase.
>
> On 2019-10-18 13:34, Jan Stary wrote:
> >>> On Wednesday, October 16, 2019 11:06 PM, List
> >>> wrote:
> I was wondering
I'm sorry I might have not been so clear about it. I meant a way to
encrypt the actual keydisk with a passphrase.
On 2019-10-18 13:34, Jan Stary wrote:
>>> On Wednesday, October 16, 2019 11:06 PM, List wrote:
I was wondering if there is a reason for the lack of keydisk encryption.
> $ man
> > On Wednesday, October 16, 2019 11:06 PM, List wrote:
> >> I was wondering if there is a reason for the lack of keydisk encryption.
$ man bioctl
# bioctl -h -v -c C ...
Hi,
I've found the diff / suggestion you're talking about. But it seems to
be rather hacky. For what reason I guess it never made it into the tree.
I'll ask tech@ what they'd think about a patch.
g,
Stephan
On 2019-10-17 11:02, flauenroth wrote:
> There was an effort, if memory serves but
There was an effort, if memory serves but never got committed afaik. Not sure
what happened any why but you should be able to dig the mailiing list
conversation up and from there compile the uncommitted patch for your needs. At
least that would be my approach, except it's now part of OpenBSD.
Hi,
I was wondering if there is a reason for the lack of keydisk encryption.
And if there is a reason what that would be. Or maybe I'm just missing
something and there is a way to achieve this.
Please correct me. Thanks for your time.
g Stephan
12 matches
Mail list logo