You are not logged in.

#1 2023-10-23 11:01:56

Registered: 2022-10-31
Posts: 9

Full disk-encryption question


I need to set up full disk encryption of the linux in my laptop.


1. Does an encryption key on the USB protect against rubber-hose
2. Is it true that key on pendrive is more risky than password because
someone can steal the usb key and access data without the need of password?
3. What do you think about simply encrypting the disk with LUKS and do
encrypted backups?

My threat model is someone stealing my laptop rather than FBI, government big_smile

Thank you, lester29


#2 2023-10-24 09:05:05

Forum Moderator
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 12,375

Re: Full disk-encryption question

A1 : Nope. Transferring all access control to  a secure 3rd party is the only way I can think of to make that a lot harder..

A2: yes, that's why U2F & FIDO2 protocols were designed and implemented in products like Yubikey.

A3: A big improvement over not using encryption .

Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.

clean chroot building to complicated ?
Try clean chroot manager by graysky


Board footer

Powered by FluxBB