top | item 42734171

(no title)

dangero | 1 year ago

Depends on the use case. If boot requires a password, the computer can never lose power or be rebooted without human presence. That’s not always practical.

discuss

teddyh|1 year ago

You can reboot your full-disk-encryption server while you sleep. Obligatory plug: <https://www.recompile.se/mandos>

Disclosure: I am a co-author of Mandos.

prennert|1 year ago

Has this solution been audited? In particular, is it safe to replay attacks by actors listening in to the network traffic?

Also from the diagram it looks like the secret key is stored unencrypted on the server, or do I read it wrong?

gerdesj|1 year ago

Thank you for this. I will almost certainly be deploying that.

prmoustache|1 year ago

That is what remote kvm are for and if you do that on commodity hardware you can start a tiny ssh server starting up from an initrd. Having said that an attacker with local access could change the initrd without your knowledge so that it logs the password you enter so it is not necessarily the most secure solution.

deno|1 year ago

You’ve answered it yourself. Without TPM you have no idea if you can provide the secret to the system or if it’s compromised. Whether that secret comes from TPM or network is secondary.

tucnak|1 year ago

Google: IPMI, BMC