A tough one (for me)! I use iSCSI (with CHAP authentication) to get a remote device over an insecure network, then I unlock the LUKS volume and finally I mount the ext4 FS. How (in)secure is that?
Data I miss: 1. CHAP encrypts the iSCSI authentication password, but the actual iSCSI data go over the link unencrypted obviously, yes? 2. When I unlock the LUKS volume using a key file, this key file is transmitted over the link, or not? 3. The actual ext4 data go over the link encrypted or not? My pretty educated guesses are: 2. it does not get transmitted, 3. the data data is transmitted encrypted 1. yes, but we don't care because of 2. and 3. any idea how things really are? thanks! G. Pallas
smime.p7s
Description: S/MIME Cryptographic Signature
