On Thu, Oct 24, 2019 at 10:44 AM List <l...@md5collisions.eu> wrote: > > One would obviously NOT store the key on harddisk. That wouldn't make > any sense and is not necessary. > > This could be similarly achieved as the normal FDE with passphrase. But > instead of the actual harddisk as target, the target of the "yet to > implement" encryption of the keydisk would be the key on the keydisk > itself. >
So how would the system access the key if it's encrypted? > g > > On 2019-10-22 23:40, Aaron Mason wrote: > > On Wed, Oct 23, 2019 at 5:11 AM List <l...@md5collisions.eu> wrote: > >> I'm sorry I might have not been so clear about it. I meant a way to > >> encrypt the actual keydisk with a passphrase. > >> > >> On 2019-10-18 13:34, Jan Stary wrote: > >>>>> On Wednesday, October 16, 2019 11:06 PM, List <l...@md5collisions.eu> > >>>>> wrote: > >>>>>> I was wondering if there is a reason for the lack of keydisk > >>>>>> encryption. > >>> $ man bioctl > >>> # bioctl -h -v -c C ... > >>> > > To what end? At some point you're going to have to store the > > passphrase somewhere it can be easily read, and all you've really > > achieved is a way to, at best, slow down a potential attacker. > > > -- Aaron Mason - Programmer, open source addict I've taken my software vows - for beta or for worse