ssh clarification needed
Robert L Cochran
cochranb at speakeasy.net
Sun Jan 4 16:36:08 UTC 2009
Mike Cloaked wrote:
>
> Mike Cloaked wrote:
>
>> If someone could boot the machine into single user mode then they could
>> get in b ut only if they have the luks passphrase. So doing a fully
>> encrypted install is pretty safe in the event the laptop got into the
>> wrong hands. I am not even sure any of the tools currently available would
>> be able to compromise a machine installed that way but no doubt other
>> security experts will comment on that.
>>
>>
>>
>
> By the way if your root partition was not encrypted then someone with
> physical access to your machine could boot into single user mode and get
> root access - hence encrypting the root partition is probably the only way
> to avoid that - unless someone knows a different way in?
>
>
The encryption feature is wonderful, I encrypt every partition on my
Fedora 10 laptop. That keeps private things private: someone will have
to learn the passphrase if they want to see the actual data.
Suppose you are keeping critical information on an encrypted drive and
you are living with a significant other who is financially dependent on
you. Be sure that person knows the passphrase (or has access to it) and
has training in how to log in to Fedora (or has access to documentation
for doing so.) Leave a list of critical files the other party should
know about. This is to ensure that if you die your loved one can get
access to needed information.
Bob Cochran
More information about the fedora-list
mailing list