Yes, you would need to tweak the init scripts or create new one specifically for your disk, but it should not be a major problem.
_____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ahmed Kamal Sent: Monday, January 21, 2008 1:06 PM To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: Re: [rhelv5-list] Protect my stolen disk That's cool. I guess the real issue is when booting the system and decrypting. I guess we would need to change some initscripts ? to do the same On Jan 21, 2008 10:45 AM, Zavodsky, Daniel (GE Money) < [EMAIL PROTECTED]> wrote: I am using loop-aes (losetup) for encryption - you can pre-parse the CPU number in a shell script and feed it to losetup: (from losetup man page): -p num Read the passphrase from file descriptor with number num instead of from the terminal. with -p 0 you can use standard input. I hope this helps. _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ahmed Kamal Sent: Monday, January 21, 2008 8:54 AM To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: Re: [rhelv5-list] Protect my stolen disk But is anyone aware of an actual tool or plug-in to achieve encryption that related to say CPU serial number, and uses it to automatically decrypt ? On Jan 21, 2008 9:45 AM, Zavodsky, Daniel (GE Money) < [EMAIL PROTECTED]> wrote: You do not need the CPU, just its serial number (or the MAC address of the network card) - and you can easily write that on a piece of paper and put it in a secure location - or store this information in your office on an encrypted disk. _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ] On Behalf Of Ahmed Kamal Sent: Saturday, January 19, 2008 2:06 PM To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list Subject: Re: [rhelv5-list] Protect my stolen disk hmm, yep this could be a problem, if the CPU got burnt for example! On Jan 19, 2008 2:26 PM, John Summerfield <[EMAIL PROTECTED] > wrote: Ahmed Kamal wrote: > Seems like I could use dm-crypt to do full disk encryption, with some > hardware parameter (MAC, CPU s/n ... ) as the decryption key. That would > prevent someone from mounting the disk, or even dd'ing it to a different > machine. That's about exactly what I need. > Not sure if dm-crypt supports getting decryption keys from hardware params > though ... > Be sure you can read the disk should you need. -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html <http://www.catb.org/%7Eesr/faqs/smart-questions.html> http://support.microsoft.com/kb/555375 You cannot reply off-list:-) _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
_______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
