tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cgd and remote keys
On Mon, 31 Dec 2007, Curt Sampson wrote:
> [encrypted disk on machine with inaccessible console]
> Is there an existing protocol we might use that would be as simple as
> a simple TCP connection? (HTTP comes to mind.)
Under FreeBSD with the "geli" disk encryption scheme, I once
embedded an HTTPS server in the code that prompts for a password.
The password prompt appears on the console as usual, and a web
server starts listening on a configurable port; whichever gets a
password first wins. I used a modified verion of shttpd as the
embedded web server. shttpd is not in pkgsrc, but is available from
<http://shttpd.sourceforge.net/>. My code is not ready for public
consumption, but I could get it ready if there's interest.
> Would anybody object to me writing and committing this, along with
> committing a simple server to pkgsrc?
I have no objection to your idea, but I prefer the HTTPS idea.
--apb (Alan Barrett)
Home |
Main Index |
Thread Index |
Old Index