That's cool. I guess the real issue is when booting the system and decrypting. I guess we would need to change some initscripts ? to do the same
On Jan 21, 2008 10:45 AM, Zavodsky, Daniel (GE Money) < [EMAIL PROTECTED]> wrote: > I am using loop-aes (losetup) for encryption - you can pre-parse the CPU > number in a shell script and feed it to losetup: > > (from losetup man page): > -p num Read the passphrase from file descriptor with number num > instead > of from the terminal. > > with -p 0 you can use standard input. I hope this helps. > > > ------------------------------ > *From:* [EMAIL PROTECTED] [mailto: > [EMAIL PROTECTED] *On Behalf Of *Ahmed Kamal > *Sent:* Monday, January 21, 2008 8:54 AM > > *To:* Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > *Subject:* Re: [rhelv5-list] Protect my stolen disk > > But is anyone aware of an actual tool or plug-in to achieve encryption > that related to say CPU serial number, and uses it to automatically decrypt > ? > > On Jan 21, 2008 9:45 AM, Zavodsky, Daniel (GE Money) < > [EMAIL PROTECTED]> wrote: > > > You do not need the CPU, just its serial number (or the MAC address of > > the network card) - and you can easily write that on a piece of paper and > > put it in a secure location - or store this information in your office on an > > encrypted disk. > > > > ------------------------------ > > *From:* [EMAIL PROTECTED] [mailto: > > [EMAIL PROTECTED] *On Behalf Of *Ahmed Kamal > > *Sent:* Saturday, January 19, 2008 2:06 PM > > *To:* Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > > *Subject:* Re: [rhelv5-list] Protect my stolen disk > > > > hmm, yep this could be a problem, if the CPU got burnt for example! > > > > On Jan 19, 2008 2:26 PM, John Summerfield <[EMAIL PROTECTED] > > > wrote: > > > > > Ahmed Kamal wrote: > > > > Seems like I could use dm-crypt to do full disk encryption, with > > > some > > > > hardware parameter (MAC, CPU s/n ... ) as the decryption key. That > > > would > > > > prevent someone from mounting the disk, or even dd'ing it to a > > > different > > > > machine. That's about exactly what I need. > > > > Not sure if dm-crypt supports getting decryption keys from hardware > > > params > > > > though ... > > > > > > > > > > Be sure you can read the disk should you need. > > > -- > > > > > > Cheers > > > John > > > > > > -- spambait > > > [EMAIL PROTECTED] [EMAIL PROTECTED] > > > -- Advice > > > http://webfoot.com/advice/email.top.php > > > http://www.catb.org/~esr/faqs/smart-questions.html > > > <http://www.catb.org/%7Eesr/faqs/smart-questions.html> > > > http://support.microsoft.com/kb/555375 > > > > > > You cannot reply off-list:-) > > > > > > _______________________________________________ > > > rhelv5-list mailing list > > > [email protected] > > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > > > > _______________________________________________ > > rhelv5-list mailing list > > [email protected] > > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > > > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list > >
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
