On Wed, Mar 05, 2014 at 06:36:55PM -0300, Giancarlo Razzolini wrote: | One byproduct of such design would be the possibility of redirecting the | console to the ssh connection. I know this is deranging from the initial | idea, but make perfect sense. Anyway, I noted your concerns on this. | Now, anyone have any design idea for implementing this?
Your SSH key will always be readable. Either you have a readable SSH host key in the initramfs or the one on disk is readable. With your ssh host key compromised, your disk encryption means nothing. I have one machine in a datacenter with FDE. Well, almost Full: I added a very small sd0a partition with an /etc/boot.conf that sets console output to the serial port. Then I have secure access to the console via another machine where I have ssh access. Of course, if that other machine ever gets compromised, my FDE password is equally compromised. There's one other downside to the small sd0a as of somewhere between 5.4 and 5.5: I now have an /etc/random.seed there too that I need to remember to update after a reboot (I've got an @reboot cron to remind me though). Paul 'WEiRD' de Weerd -- >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+ +++++++++++>-]<.>++[<------------>-]<+.--------------.[-] http://www.weirdnet.nl/