You are not logged in.

#1 2007-06-19 21:57:05

loded
Member
Registered: 2007-06-19
Posts: 4

Creating a secure shared workstation

I'm trying to create a secure shared workstation to be used by people I trust.
- The root of the workstation should be encrypted
- Each (real-life) user must have their home directory contents stored encrypted on their USB-stick

I'm wondering whether the following is possible with Archlinux:

Each user would have an USB-stick containing one encrypted partition (using LUKS). The workstation would have an encrypted root (also using LUKS) using a single key which is stored on each of the encrypted USB-sticks (say in the file secure_pc_key).
(1) On boot, the user would have his/her USB-stick inserted into the workstation. He/she would enter the passphrase to unlock the encrypted partition on their USB-stick, and the key for the encrypted root will be read from the secure_pc_key file on the unlocked partition on the USB-stick.
(2) The partition on the USB stick will be mounted to be used as the home directory for the user user (yes, that's a single username for all the different real-life users) and user will be automatically logged in.

This is slightly different from the 'using a usb stick as the key to your encrypted root'-technique as described on the LUKS_Encrypted_Root wiki.

Any idea's/pointers?

Offline

#2 2007-06-23 13:23:23

loded
Member
Registered: 2007-06-19
Posts: 4

Re: Creating a secure shared workstation

Could someone move this post to 'Desktop Environments'? I'm getting the impression I posted this in the wrong subforum.

Offline

Board footer

Powered by FluxBB