Language Selection

English French German Italian Portuguese Spanish

LUKS mermaids of remote unlock

Filed under
Security

Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. For reference, the first of its kind is the one for Debian, published at Coulmann.de. Some of these how-to’s were posted to forums and mailing-lists and received many thankful comments from sysadmins wondering how to make their encrypted secure setup also easy to administrate.

The problem with their approach is simple: they asked how to fix their setup, but forgot to ask what they’re trying to protect. Having your root filesystem on an encrypted disk doesn’t protect you from remote exploitation or credential leaks. It just protects you from the risk of someone being able to access your machine locally and steal your data, or just steal the whole machine altogether. Now, if I were an attacker having access to your hardware locally,

I could easily setup a trap for you in less than 5 minutes:




More in Tux Machines

Distro Development: Rescatux and Bodhi

  • Rescatux 0.40 beta 9 released
    Many code in the grub side and in the windows registry side has been rewritten so that these new features could be rewritten. As a consequence it will be easier to maintain Rescapp. Finally the chntpw based options which modify the Windows registry now perform a backup of the Windows registry files in the unlikely case you want to undo some of the changes that Rescapp performs. I guess that in the future there will be a feature to be able to restore such backups from Rescapp itself, but, let’s focus on releasing an stable release. It’s been a while since the last one. UEFI feedback is still welcome. Specially if the Debian installation disks work for you but not the Rescatux ones.
  • Bodhi 4.0.0 Updates and July Donation Totals
    Late last month I posted a first alpha look at Bodhi 4.0.0. Work since then has been coming along slowly due to a few unpredictable issues and my own work schedule outside of Bodhi being hectic over the summer. Bodhi 4.0.0 will be happening, but likely not with a stable release until September. I am traveling again this weekend, but am hoping to get out a full alpha release with 32bit and non-PAE discs next week.

Devices and Android

Leftovers: BSD/LLVM

Emma A LightWeight Database Management Tool For Linux

Today who does not interact with databases and if you're a programmer then the database management is your daily task. For database management, there is a very popular tool called, MySQL Workbench. It's a tool that ships with tonnes of functionalities. But not all of us as beginner programmers use all Workbench features. So here we also have a very lightweight database manager in Linux, Emma. Read
more