Originally posted by LinAdmin
View Post
Announcement
Collapse
No announcement yet.
More Bcachefs Fixes Land In Linux 6.7
Collapse
X
-
Originally posted by kreijack View PostI think that ​linuxgeex ia saying that it is impossible to reboot a system remotely when it asks a password during the reboot, without BMC/KVM/IP setup. However this could be solved using a TPM, even tough is still a bit complex to setup properly (and securely )
Comment
-
Originally posted by evil_core View PostNot true, the only not-encrypted things are boot records. Grub can reside on btrfs over LUKS(some newer encryption schemes were not implemented by GRUB)
Grub then asks for password to decrypt partition, read it's config and voila:
[QUOTE] You can also also use embedded encryption in drives[QUOTE]
I covered that, but I was responding in context of Physical Security. If you add the keys to the system then you lose physical security. IE if someone has physical access or steals the system, then you may as well not have encrypted anything, since you gave them the keys to decrypt it on a silver platter.
Comment
-
Originally posted by anarki2 View PostUh, so much mumbo-jumbo and confusion.
No, you don't need a BMC to reboot remotely. To load a bootloader from a remote storage device, yes, you need a BMC, but that's totally different from a "reboot".
If you want physical security then you can't have the keys stored in the device, so you need to supply them at boot time; if you are not physically present then you need a remote access method.
And so much (useless) effort to "secure" your system, yet, no backup of photos, so you only lost track of the most important thing, namely the safety of your data...
You're only as sick as the secrets you keep.
Only a narcissist believes they live without error.Last edited by linuxgeex; 26 December 2023, 01:53 PM.
Comment
Comment