ssh clarification needed
Joel Rees
joel.rees at gmail.com
Mon Jan 5 02:26:59 UTC 2009
empirical.
Well, ...
On Jan 5, 2009, at 1:44 AM, Robert L Cochran wrote:
> Mail Lists wrote:
>> On 01/04/2009 11:24 AM, Mike Cloaked wrote:
>>
>>
>>
>>> By the way if your root partition was not encrypted then someone
>>> with
>>> physical access to your machine could boot into single user mode
>>> and get
>>> root access - hence encrypting the root partition is probably the
>>> only way
>>> to avoid that - unless someone knows a different way in?
>>>
>>
>> Just boot a CD, DVD or USB key I own the whole laptop - as a bad
>> guy i
>> would prefer to boot my own OS anyway not yours.
>>
> I disagree with this. I know from experimenting that if I boot another
> Linux OS (regardless of media used) and then try to access the data on
> separate a LUKS encrypted device, I can't see that data without
> providing the passphrase.
Be careful to distinguish between "can't see the unencrypted data"
and "can't see the encrypted data".
> As a matter of fact you are prompted to supply
> the passphrase.
Remember, that's with the standard tools, of course.
> If you boot a Microsoft Windows OS you can't see the
> data anyhow...Microsoft Windows doesn't recognize non-Microsoft
> filesystems such as ext3.
Again, that's with the standard tools.
How much you have to worry about things like that depends a lot on
what you have on your storage device, of course. Well, I should say,
it depends on what your opponent thinks you have on the device.
More information about the fedora-list
mailing list