hi,
berta...@ptitcanardnoir.org wrote (14 Jan 2011 14:41:57 GMT) :
> This is surely a big enhancement over our previous implementation,
> nice you're working on it.
pushed to devel branch.
I only tested in KVM+ISO, needs to be tested on bare-metal {CD, USB}.
> On that subject, I realized this mo
On Fri, Jan 14, 2011 at 12:26:13AM +0100, intrigeri wrote:
> Hi,
>
> > Still, if the kexec method don't help in wiping key material, I
> > suppose writing a very simple wrapper to cryptsetup that use
> > luksSuspend then luskClose when cryptsetup is called to luksClose an
> > encrypted disk might
Hi,
berta...@ptitcanardnoir.org wrote (13 Jan 2011 12:29:22 GMT) :
> When you luksClose a disk/volume, it's key material is forgotten by
> the kernel, but still in memory (if I understood how it works). But
> it seems that in the kernel the code to wipe a key material is
> already there, and used