On Wed, Mar 05, 2014 at 06:36:55PM -0300, Giancarlo Razzolini wrote:
| One byproduct of such design would be the possibility of redirecting the
| console to the ssh connection. I know this is deranging from the initial
| idea, but it makes perfect sense. Anyway, I noted your concerns on this.
| Now, does anyone have any design idea for implementing this?

Your SSH key will always be readable.  Either you have a readable SSH
host key in the initramfs or the one on disk is readable.  With your
ssh host key compromised, your disk encryption means nothing.

I have one machine in a datacenter with FDE.  Well, almost Full: I
added a very small sd0a partition with an /etc/boot.conf that sets
console output to the serial port.  Then I have secure access to the
console via another machine where I have ssh access.

Of course, if that other machine ever gets compromised, my FDE
password is equally compromised.

There's one other downside to the small sd0a as of somewhere between
5.4 and 5.5: I now have an /etc/random.seed there too that I need to
remember to update after a reboot (I've got an @reboot cron to remind
me though).

Paul 'WEiRD' de Weerd

-- 
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
                 http://www.weirdnet.nl/                 
