"A month of sundays ago Grendel wrote:"
Checking application/pgp-signature: FAILURE
-- Start of PGP signed section.
> ** On Feb 20, Mike scribbled:
> > >encrypted_file(fs) -> read_encrypted_chunk
> > >encrypted_chunk -> send_over_encrypted_link
> > >remote_end -> receive_double_encrypted_data -> decode_the_transmission_data
> > >encrypted_chunk_decode -> real_data
> > >
> > >The data is out of reach of the local root.
Out of interest, why the encrypted link? I can only imagine it to be of
use in setting up key pairs. That's one time only. Even then does it
matter? All data is imported/exported/held on the server encrypted.
It's only deciphered (-able) on the remote.
> > True, but the problem is that no remote machine exists. This is
> > a workstation that is used locally, not via a network. That is a
> > good solution for the remote case however IMHO.
> In case of local-only, you can always ssh to the local machine when using
Eh? You are suggesting that your entire session take place inside ssh
in order to protect you from snooping on the same machine!
Unfortunately, root can see you directly. You type ABC and root can see
ABC. Yes, he might find it hard to break in to your session (see
snoopd?). So what?
> the protected data. True, the connection encryption key can be spoofed
> during the ssh negotiation phase, but that's a bit tricky, so it takes a
> really knowledgeable admin to do it, IMO.
You're suggesting that root pretend to be the encrypted file system?
Does that buy him anything?
Peter
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:24 EST