On 30/08/13 20:22, Glenn Washburn wrote:
I'd still like GRUB to be able to read a key-file rather than a typed
pass-phrase, and have the key-file hidden on a (second) small (1GB)
randomised-data USB flash device (no file-system) so even the
operator can't be sure where to find the bytes that
-Original Message-
From: grub-devel-bounces+j.witvliet=mindef...@gnu.org
[mailto:grub-devel-bounces+j.witvliet=mindef...@gnu.org] On Behalf Of TJ
Sent: Thursday, August 29, 2013 10:20 PM
To: grub-devel@gnu.org
Subject: Re: LUKS Encryption and Fingerprint readers?
On 29/08/13 20:13, Glenn
On 30/08/13 10:10, j.witvl...@mindef.nl wrote:
Some time ago i´ve been experimenting with fingerprints, and the result was
not encouraging...
From security point of view no that many problems (besides all well known
general issue´s with fingerprints).
I mean no false positive´s, but the
On Thu, 29 Aug 2013 21:20:14 +0100
TJ grub-de...@iam.tj wrote:
that'd be silly so I'm now moving to whole-disc encryption with the
boot-loader, kernel, and initrd on a key-fob USB.
I'd still like GRUB to be able to read a key-file rather than a typed
pass-phrase, and have the key-file
On Thu, 15 Aug 2013 17:51:03 +0100
TJ grub-de...@iam.tj wrote:
So I'd like to know what support for key-files and/or fingerprint
reading is/could be as input for LUKS unlocking?
My other thought, to keep things simple, is to encrypt the entire
hard drive and install GRUB and the /boot/
On 29/08/13 20:13, Glenn Washburn wrote:
On Thu, 15 Aug 2013 17:51:03 +0100
TJ grub-de...@iam.tj wrote:
So I'd like to know what support for key-files and/or fingerprint
reading is/could be as input for LUKS unlocking?
My other thought, to keep things simple, is to encrypt the entire
hard
I was searching for any hint that GRUB might support using a fingerprint
reading device as input for unlocking encryption.
I found discussion on the mailing list from 2009 centred mostly around TPM
which didn't seem to go anywhere, so I wondered what the current thoughts are
on supporting one?
On 15.08.2013 18:51, TJ wrote:
I was searching for any hint that GRUB might support using a fingerprint
reading device as input for unlocking encryption.
It's not possible to do securely as fingerprints are not secret. In
fact, there are plenty of owner fingerprints on the laptop.
But