On 05/18/2010 07:57 PM, Jan Engelhardt wrote:
> On Tuesday 2010-05-18 18:56, Stefan G. Weichinger wrote:
>>>> Do you know any howto where it is done "the right way"?
>>> The right and easy way is to just use the supplied pmt-ehd(8) tool,
>>> which works both interactively and non-interactively, depending on
>>> whether it's called with enough arguments or not, so there's something
>>> for everybody's flavor.
>>> It does not do LUKS yet as of pam_mount 2.2, though. Guess my
>>> todo list gets longer..
>> But given the fact that I store the key on the same hard-disk with the
>> shadowed user-pw I could also leave that openssl-part straight away,
>> correct?? seems the same level of (in)security to me ...
> Yes. The point of keyfiles is to be able to change the password on
> a volume.
> Without a keyfile, a crypto program would take the password, hash it
> somehow, and you get your AES key. Changing the password means having
> a different AES key, meaning decrypting the disk will yield a
> different result. In other words, changing the password would require
> at least reading the old data, reencrypting it and writing it again.
> Takes time.
> With a keyfile, you retain the same AES key all the time, and encrypt
> the AES key itself - reencrypting the AES key is quick, as it's
> only some xyz bits, not terabytes.
That's not true for LUKS. This is one of the nice things about it:
Multiple keys can be used on a volume, and it is possible to change the
passwords in a safe way. (You have 8 "key slots", each can be used to
decrypt the volume. To change a PW use a new slot, then remove the old
one.) The trick here is that LUKS does by itself safely, what you are
trying to do with the SSL-key in a hackish way (no offense). The key
setup scheme is a modified TKS1 (nice Paper:
http://clemens.endorphin.org/TKS1-draft.pdf - read section 2 "Two Level
Encryption") which uses the keys in the key slots to encrypt a master
key which is used to encrypt the volume. So the only key(s) you ever
change is the key(s) encrypting the master key.
LUKS really does by itself already, what you are doing
So I'm pretty sure, that it is safer to use the LUKS key setup (that has
been peer-reviewed by security experts), than a self written shell script.
PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887&op=get
# gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887