On Tue, Nov 19, 2013 at 07:31:35PM -0600, Glenn Washburn wrote:
> I've had this setup ever since grub had LUKS support, except for the
> signature checking.  I don't really see the point of checking
> signatures if the kernel and initrd are encrypted.

You're setting yourself up for a *lot* of pain then.  In places where
security is important, *always* check signatures.  Utilizing encryption
without checking signatures leaves you *wide-open* to attacks!  In a
case like this, by observing whether the system continues or halts the
attacker will be able to figure out how the incoming stream was
handled.  While this may not allow them to figure out what the keys are,
it will allow them to easily break in.

Not checking signatures has repeatedly killed zillions of security
products.  If you worry about security, signatures are non-optional!


-- 
(\___(\___(\______          --=> 8-) EHM <=--          ______/)___/)___/)
 \BS (    |         ehem+sig...@m5p.com  PGP 87145445         |    )   /
  \_CS\   |  _____  -O #include <stddisclaimer.h> O-   _____  |   /  _/
8A19\___\_|_/58D2 7E3D DDF4 7BA6 <-PGP-> 41D1 B375 37D0 8714\_|_/___/5445



_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
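
Added example, not part of the original message or of GRUB: a minimal Python sketch of why encryption alone does not give integrity, so that altered ciphertext decrypts without any error unless a verification step rejects it first. The SHA-256 counter-mode keystream is a stand-in for a real cipher, the HMAC tag is a stand-in for a signature check, and all keys, names and sample data are constructed for illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, n: int) -> bytes:
    """Stand-in stream cipher: SHA-256 in counter mode (illustration only)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation) with no integrity protection."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then append an HMAC-SHA256 tag computed over the ciphertext."""
    ct = xor_crypt(enc_key, plaintext)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def open_checked(enc_key: bytes, mac_key: bytes, blob: bytes):
    """Verify the tag first; decrypt only if it matches, else return None."""
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # refuse to use altered data
    return xor_crypt(enc_key, ct)

def demo():
    enc_key, mac_key = b"E" * 32, b"M" * 32            # constructed keys
    image = b"kernel cmdline: root=/dev/mapper/vg-root ro"  # constructed sample
    blob = seal(enc_key, mac_key, image)
    damaged = bytearray(blob)
    damaged[0] ^= 0x01                                 # one altered ciphertext bit
    damaged = bytes(damaged)
    unchecked = xor_crypt(enc_key, damaged[:-32])      # decrypts, silently wrong
    checked = open_checked(enc_key, mac_key, damaged)  # rejected before decrypting
    intact = open_checked(enc_key, mac_key, blob)      # untouched data still opens
    return unchecked, checked, intact

if __name__ == "__main__":
    unchecked, checked, intact = demo()
    print("without check:", unchecked)
    print("with check   :", checked)
    print("intact       :", intact)
```
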
