tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cgd and remote keys
Hi,
Just additional note, it is possible to store /etc/cgd/* content on usb
memory, already tested. You just need to add a line into /etc/fstab.
Although this does not allow you to enable remote reboot, it is much more
secure than storing cgd key on / partition.
Best wishes,
Curt Sampson wrote:
>
> I've been thinking recently about how to add some additional security
> to hosts in less-secure physical locations, where there's a possibility
> they could be stolen. I'd like to use CGD to encrypt parts of the disks,
> but it always seemed rather pointless if the key was in a file on the
> disk, and of course the machine can't reboot unattended if it's not.
>
> A solution to this did occur to me, however. If I added a new key
> generation method to cgdconfig that made a TCP connection to a given
> host, sent an identifier, and read back a key or passphrase, I could
> have a server (or group of servers) elsewhere on the net supply that.
> That server could refuse to return the information if the request came
> from an unexpected IP address, and I could also disable that key in the
> server if I found out the machine had been stolen (which I would very
> quickly if I were monitoring it via Nagios or whatever).
>
> For an unecrypted connection, this means that the perpetrator of a back
> bag job would need to either sniff the key/passphrase in an exchange
> before stealing the host, or compromise one of the servers holding the
> key/passphrase. The former attack could be prevented by using IPSec.
>
> I would also need to add a post-network /etc/rc.d/cgd script, probably
> reading from a different config file (/etc/cgd/cgd-net.conf).
>
> Of course, one couldn't encrypt one's root partition with this method,
> but for encrypting something like /home or a data partition, it would be
> fine.
>
> Does this seem like a reasonable idea? Does anybody have any further
> comments? Is there an existing protocol we might use that would be as
> simple as a simple TCP connection? (HTTP comes to mind.) Would anybody
> object to me writing and committing this, along with committing a simple
> server to pkgsrc?
>
> cjs
> --
> Curt Sampson <cjs%starling-software.com@localhost> +81 90 7737
> 2974
> Mobile sites and software consulting: http://www.starling-software.com
>
>
-----
----------------
Cem Kayalı
--
View this message in context:
http://www.nabble.com/cgd-and-remote-keys-tp14554773p14588322.html
Sent from the tech-security mailing list archive at Nabble.com.
Home |
Main Index |
Thread Index |
Old Index