On Tue, Sep 4, 2012 at 2:18 PM, Florian Philipp <li...@binarywings.net> wrote:
> On 04.09.2012 19:37, Hinnerk van Bruinehsen wrote:
>> On 04.09.2012 15:48, "Roland Häder" wrote:
>>> I think I made a (tolerable) mistake:
>>>
>>> My hard drive has two partitions:
>>> - sda1 - encrypted swap
>>> - sda2 - encrypted root
>>>
>>> How should it boot? One way could be by external media (e.g.
>>> stick), other is from hard drive. But that is encrypted. So I must
>>> leave a small area left for kernel, initrd, System.map and maybe
>>> config.
>>>
>>> So the page at [1] is a little wrong because it misses the boot
>>> partition, so the new layout should be:
>>> - sda1 - unencrypted boot (/boot) partition
>>> - sda2 - encrypted swap (at least as double as your RAM) (crypt-swap)
>>> - sda3 - encrypted root (crypt-root)
>>>
>>> Can someone update this?
>>>
>>> Regards, Roland
>>>
>>> [1]: http://wiki.gentoo.org/wiki/DM-Crypt
>>
>> In theory grub2 is able to open a luks-encrypted volume though it
>> seems to have some disadvantages: you'll need to enter the passphrase
>> (or pass the keyfile) two times, because grub itself needs to decrypt
>> the volume to get the later stages from the encrypted volume and
>> afterwards the decryption in the boot process itself takes place.
>>
>> I can't give any real advice about it though, because I use an
>> unencrypted boot partition. Depending on your needs it could be an
>> increase of security, because you can stop an attacker from injecting
>> malicious code into your kernel (or replace it completely).
>>
>> WKR
>> Hinnerk
>
> For personal use, I see no point in using an encrypted boot partition.
> An attacker needs physical or root access to change the kernel or initrd
> in order to get to your encrypted data. In both cases, you are hosed
> anyway (keyloggers, etc.).

Now you've got me pondering cryptographically-verified input devices.
But perhaps a paired USB key fob with a challenge/response setup would
be reasonable.

--
:wq