Security of cloned disks (with changed passphrases)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am wondering if I perform this setup (cryptsetup version 1.1.2), how much risk do I expose my systems to?

Step 1: Create a base install that is encrypted with a fixed passphrase
Step 2: Create a disk image of this installed system
Step 3: Deploy image on N number of other systems
Step 4: Change the passphrase on all deployed systems

What happens if the passphrase becomes compromised on one of these systems?  Can that person gain the original LUKS AES key to the disk and therefore obtain a way to break into all of the other systems?

If yes, is there anything to do on each cloned system to improve security?

--
Best Regards,
Matthew Mosesohn
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt

[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux