You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2023-10-23 11:01:56
- lester29
- Member
- Registered: 2022-10-31
- Posts: 9
Full disk-encryption question
Hi
I need to set up full disk encryption of the linux in my laptop.
Questions:
1. Does an encryption key on the USB protect against rubber-hose
cryptanalysis?
2. Is it true that key on pendrive is more risky than password because
someone can steal the usb key and access data without the need of password?
3. What do you think about simply encrypting the disk with LUKS and do
encrypted backups?
My threat model is someone stealing my laptop rather than FBI, government 
Thank you, lester29
Offline
#2 2023-10-24 09:05:05
- Lone_Wolf
- Administrator
- From: Netherlands, Europe
- Registered: 2005-10-04
- Posts: 13,033
Re: Full disk-encryption question
A1 : Nope. Transferring all access control to a secure 3rd party is the only way I can think of to make that a lot harder..
A2: yes, that's why U2F & FIDO2 protocols were designed and implemented in products like Yubikey.
A3: A big improvement over not using encryption .
Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.
clean chroot building not flexible enough ?
Try clean chroot manager by graysky
Offline
Pages: 1