<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Additional security for laptops...
From: Gregory Hosler <gregory.hosler,AT,eno,DOT,ericsson,DOT,se>
Date: Fri, 17 Jan 2003 09:53:29 +0100
In-reply-to: <Pine.GSO.4.44.0301171009230.885-100000@cs.uku.fi>

On 17-Jan-03 Mikko Pasanen wrote:
> 
>       How about encrypting partitions which are containing critical
> information ? Of course it would be harder to borrow machines, but I think
> it possible to easily separate "critical" information and regular stuff,
> and then if the user cannot mount critical stuff they cannot access the
> network and can login with guest account.

the password is on the root partition (in /etc/cipe, which by definition 
*will*
be in the root partition). if you're gonna encrypt the root partition, and 
then
lend out the laptop, you need to release the password for the root partition,
otherwise you might as well not lend out the laptop in the first place.

:)

-Greg

> On Fri, 17 Jan 2003, Bill Cox wrote:
> 
>> To get around this, I've written a simple script to decrypt the key
>> file, bring up the cipe connection, and then delete the unencrypted key
>> file.  To decrypt the key file, the user has to know the password.  This
>> way, a stollen laptop can't easily be used to access our network.
>>
>> Would there be any interest in adding a password feature so there would
>> never be an unencrypted key file on the disk?  This would require the
>> user to type a password to enable a cipe connection.  This would not be
>> good on servers, but it would be nice for laptop clients.
>>
> 
> 
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>

----------------------------------
E-Mail: Gregory Hosler <gregory.hosler,AT,eno,DOT,ericsson,DOT,se>
Date: 17-Jan-03
Time: 16:41:20

  If each of us have one object, and we exchange them,
     then each of us still has one object.
  If each of us have one idea,   and we exchange them,
     then each of us now has two ideas.

----------------------------------





<< | Thread Index | >> ]    [ << | Date Index | >> ]