Isn't it time for the encrypted file system???
Christopher Blizzard
blizzard at redhat.com
Mon Mar 27 20:58:40 UTC 2006
Linus Walleij wrote:
> The key is a key infrastructure, e.g. your device is encrypted so that
> you can access it with two keys: your key or a master key deployed at
> your company (this could be device-unique or just a big master key).
>
> I don't know if there are such things designed for LUKS tho...
>
Agreed on this point. Key recovery is a big problem and one that it
takes a lot of infrastructure to support. Red Hat has some products in
this area, but they aren't open source (yet.) But it's probably waaaay
too much for someone who just wants to download and try fedora. I would
suggest that designing so that it uses the right kinds of keys and what
you want the user experience to be is the right place to start. And
then figure out how to build management infrastructure from there.
--Chris
More information about the Fedora-maintainers
mailing list