luks increase delays between password attempts
From what I understand, argon provides a delay between password attempts. Does luks allow increasing or reducing the delay?
Continue reading luks increase delays between password attempts
Collaborate Disseminate
From what I understand, argon provides a delay between password attempts. Does luks allow increasing or reducing the delay?
Continue reading luks increase delays between password attempts
From what I understand, argon provides a delay between password attempts. Does luks allow increasing or reducing the delay?
Continue reading luks increase delays between password attempts
I’m using Cubic (https://github.com/PJ-Singh-001/Cubic) to create a custom Ubuntu. So far so good, everything is going smoothly.
However, I would like to encrypt the USB stick that contains my custom Ubuntu image so that I:
boot usb (load… Continue reading How to encrypt with LUKS a live Ubuntu usb stick that has been customized with Cubic? [migrated]
The luksFormat command accepts iteration time as a parameter, not iterations. That obviously leads to quite different number of iterations depending on the hardware doing the encryption. However if I am protecting the same data on system… Continue reading LUKS: How many iterations are enough?
I am trying to understand the risks of configuring passwordless decryption via TPM of a LUKS/dm-crypt system with something like:
systemd-cryptenroll –tpm2-device=auto –tpm2-pcrs=0+1+2+3+4+5+7+8 /dev/disk/by-uuid/XXX-XXX
The idea would … Continue reading Using TPM to unlock LUKS/dm-crypt volume
I have developed a web service for customer. The web service is written in Python and running in Docker containers. It is managed by docker compose.
The customer wants my web service to run on their own Ubuntu servers, but I have control o… Continue reading Is deploying a web application to a customer’s encrypted drive a secure solution against code theft?
Security threat: physical theft of a laptop and a server that use TPM2 auto unlock FDE with LUKS. In both cases the TPM checks against some PCRs before unsealing the key. The laptop prompts for a TPM PIN, the server doesn’t. The attacker i… Continue reading PCR to prevent TPM2 key unsealing in case of rogue DMA devices connected?
I need to enable hybernation to the LUKS-encrypted drive. My /boot partition is unencrypted hence it stores all kernel images as well as kernel parameters in unencrypted form. For hybernation to work I should specify where the swap file st… Continue reading Is specifying resume_offset for hybernation to LUKS-encrypted drive safe?
I’m looking into hardening an embedded device using TPM2 with an encrypted root (/) Linux partition. I’ve found various articles explaining how to embed LUKS keys into the TPM (eg this one). Unless otherwise informed, I assume this can be… Continue reading How does a TPM module protect keys LUKS keys on Linux
If a person finds an old hard drive that was partially overwritten and let’s say 1GB of that wasn’t and was formerly used for part of a LUKS encrypted partition, what is the risk that such data, which looks random, could be brute force dec… Continue reading LUKS brute force risk?