Re: Unencrypted boot with encrypted root

2020-04-03 Thread Ellen Papsch
Hi, On Thursday, 02.04.2020, at 10:59 +0200, Pierre Neidhardt wrote: > Hi! > > I've followed the doc / template to set up an encrypted system on my > laptop: > > --8<---cut here---start->8--- > (mapped-devices >(list (mapped-device > (sourc

Re: Unencrypted boot with encrypted root

2020-04-03 Thread Ellen Papsch
On Friday, 03.04.2020, at 18:13 +0200, Pierre Neidhardt wrote: > Ellen Papsch writes: > > > leaving /boot unencrypted allows attackers to plant malware > > relatively > > easily. They can mount the partition without ado and replace the > > kernel > > with

Re: Unencrypted boot with encrypted root

2020-04-04 Thread Ellen Papsch
On Friday, 03.04.2020, at 21:44 +0200, pelzflorian (Florian Pelz) wrote: > > So using a single encrypted partition instead of separate /boot > protects from script kiddies (siblings/“friends”?) with hardware > access that know how to put their own grub.cfg on an unencrypted > /boot > partition

Re: Unencrypted boot with encrypted root

2020-04-06 Thread Ellen Papsch
On Saturday, 04.04.2020, at 12:18 +0200, pelzflorian (Florian Pelz) wrote: > Could key files help in passing the passphrase on to the > Linux kernel? The Arch Wiki says this: [...] > The key file would be another means of decrypting the master key, if I understand LUKS correctly. It would be in

Re: Unencrypted boot with encrypted root

2020-04-07 Thread Ellen Papsch
Hi, On Tuesday, 07.04.2020, at 11:46 +0200, Ludovic Courtès wrote: > Hi, > > Ellen Papsch wrote: > > > On Saturday, 04.04.2020, at 12:18 +0200, pelzflorian > > (Florian > > Pelz) wrote: > > > Could key files help in passing the passphrase on to the

Re: Unencrypted boot with encrypted root

2020-04-08 Thread Ellen Papsch
Hi, On Tuesday, 07.04.2020, at 09:47 -0700, Vagrant Cascadian wrote: > On 2020-04-07, Alex Griffin wrote: > > So we can put the key in its own initrd (outside of the store) > > > > I believe it's also possible for grub to provide the key > derived/decrypted from the passphrase entered at run-

Re: Unencrypted boot with encrypted root

2020-04-08 Thread Ellen Papsch
On Tuesday, 07.04.2020, at 22:19 +0200, Ludovic Courtès wrote: > Ellen Papsch wrote: > > > Sure, but what happens when you reconfigure? You still need to have > that file around so it can be added to the initrd. > Does it really have to be added to initrd? From my oth

Wisdom regarding packaging proxysql

2020-02-05 Thread Ellen Papsch
Hello Guix, I'm currently packaging proxysql, of course with the goal of getting it into Guix upstream as well. There are two hurdles, which I thought I should discuss here. The first is the rather inflexible Makefile-based build system. It would require some patching on Guix side. For example, t

Re: Wisdom regarding packaging proxysql

2020-02-06 Thread Ellen Papsch
On Wednesday, 05.02.2020, at 15:23 -0500, Leo Famulari wrote: > > It's not uncommon to see hard-coded installation prefixes. What else > would need to be changed? Is it doable? All dependencies are statically linked to the binary. I'll have to trim down the build steps to just mariadb-connector-

Re: Using the Hetzner Cloud

2020-02-17 Thread Ellen Papsch
Hi, On Monday, 17.02.2020, at 14:47 +0100, Jonathan Brielmaier wrote: > Hi folks, > > as promised on the Guix Days in Bruxelles I asked Hetzner[0] if they > could provide us some free VMs in their cloud[1]. > > A few days ago they came back to me. Sadly they can't provide us > free > VMs, b

Re: Using the Hetzner Cloud

2020-02-18 Thread Ellen Papsch
On Monday, 17.02.2020, at 18:15 +0100, Alex Sassmannshausen wrote: > > > So I deploy debian, then copy across a script and run that. This > takes > care of turning the debian machine into a guix machine and deploys my > sys config immediately. > > This is by far the fastest way of deploying