[SATLUG] LUKS encrypting logical volumes on Debian Lenny Server
Daniel J. Givens
daniel at rugmonster.org
Thu May 1 08:55:59 CDT 2008
Chris Lemire wrote:
> I didn't know I could use keys instead of the encryption paraphrase. Can I have it read keys over a network from another computer?
No. The point of the USB key is that it's a physical token. When
combined with the use of a passphrase, you can leverage the "something
you have/something you know" for an additional layer of security.
Conceivably, provided you didn't need the encrypted volume immediately
at boot, you could put your key file on a network volume and mount that
prior to mounting the encrypted volume.
> No, I just do this because I can like all the other stuff I do for Linux. It's fun to me. Who knows why?
Okay! I completely understand! I just wanted to make sure I pointed that
out in case you were hoping to use that setup with the assumption that
you were going to get an additional layer of security.
More information about the SATLUG