[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh clarification needed


Well, ...

On Jan 5, 2009, at 1:44 AM, Robert L Cochran wrote:

Mail Lists wrote:
On 01/04/2009 11:24 AM, Mike Cloaked wrote:

By the way if your root partition was not encrypted then someone with physical access to your machine could boot into single user mode and get root access - hence encrypting the root partition is probably the only way
to avoid that - unless someone knows a different way in?

Just boot a CD, DVD or USB key I own the whole laptop - as a bad guy i
would prefer to boot my own OS anyway not yours.

I disagree with this. I know from experimenting that if I boot another
Linux OS (regardless of media used) and then try to access the data on
separate a LUKS encrypted device, I can't see that data without
providing the passphrase.

Be careful to distinguish between "can't see the unencrypted data" and "can't see the encrypted data".

As a matter of fact you are prompted to supply
the passphrase.

Remember, that's with the standard tools, of course.

If you boot a Microsoft Windows OS you can't see the
data anyhow...Microsoft Windows doesn't recognize non-Microsoft
filesystems such as ext3.

Again, that's with the standard tools.

How much you have to worry about things like that depends a lot on what you have on your storage device, of course. Well, I should say, it depends on what your opponent thinks you have on the device.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]