On 19/03/2022 08:03, Dale wrote:
Howdy,
I been thinking. Yea, that's dangerous. lol If I logout of KDE, or
have the screen locked, ctrl+alt=L key sequence, how secure is that if I
have good passwords that are virtually impossible to crack? My login
manager is sddm. As a example, if someone breaks into my home, is there
a easy way to get past that? I recall the old windoze 98 days where a
certain key sequence would bypass the password prompt. Is there a way
known to crooks and such that can bypass or easily defeat passwords?
I'm not aware of any such shortcuts. There are always bugs, and design
flaws, and I believe there is such a design flaw in X such that it's
POSSIBLE to bypass a screen-lock.
I'm aware that if a person boots up where no password is required, that
will bypass, even as root if I recall correctly. I'm just looking for
something that is even easier than that.
Actually, systemd is actively working on closing that hole ...
Also, if I have a encrypted hard drive open and mounted and then cut off
power, doesn't that disable the decryption for the drive? In other
words, I pull the plug and someone powers it back up, the drive is
encrypted again and requires a password.
Yes. If you even so much as SUSPEND your system, it's considered a
serious bug for the encryption key to be flushed to disk - it has to be
wiped - and with no key decryption is no longer possible.
Also, I'm planning to reorganize and encrypt some more stuff here. I
want to remove one hard drive from my home thingy. Is it really as easy
as pvmove /dev/sdx the device I want to remove? From my understanding I
need to reduce the file system first. Is that correct? I'm often
amazed at how easy some things can be done with LVM.
I think you mean pvREmove and, provided you have sufficient unused space
in your PV greater or equal to the size of the drive, yes it really is
that simple. Of course, if you have LESS free space, LVM will be unable
to move everything off sdx and you're going to lose data.
If you're planning to re-organise by adding larger disks, check out
whether LVM has the equivalent of "mdadm --replace ...", where md-raid
will move stuff on a running system.
Cheers,
Wol
