All Questions
Tagged with encryptionsecurity
98 questions
11votes
4answers
1kviews
How can I secure unencrypted credential files, for programs that assume them (like gmi/lieer)?
Brief Q: How can I cryptographically secure a credentials file that is stored on disk as plaintext? Or, rather: how can I avoid storing credentials like those for Gmail and other API keys on disk? ...
- 287
0votes
0answers
27views
How to ask password after resume
I have Arch Linux with the following partitions: unencrypted swap partition unencrypted root partition, mounted as / encrypted EFI partition, mounted as /boot/efi. It contains the refind boot ...
- 131
0votes
1answer
74views
Ensuring no sensitive information is left unencrypted on disk after editing text file
I used a bootable Linux Mint USB to open a sensitive text file and add sensitive information to it. This text file is encrypted by Veracrypt and was only opened and edited while I was offline. After ...
6votes
2answers
16kviews
How do you mitigate the Terrapin SSH attack?
The Terrapin Attack on SSH details a "prefix truncation attack targeting the SSH protocol. More precisely, Terrapin breaks the integrity of SSH's secure channel. By carefully adjusting the ...
- 515
3votes
1answer
956views
Network Bound Disk Encryption (tang/clevis) Setup
I am trying to have NBDE on Ubunutu LTS 22.04.1 . basically i want my compute-1 node to auto decrypt on boot when it's able to ping controller (tang server) node. the problem is i encrypted every ...
0votes
1answer
43views
Is there any OS that can be installed to encrypt the whole drive that has multiple OS inside?
What am looking for is an OS with or without and interface that can encrypt the whole drive. So when the pc/laptop boots it boots to this os and I have to decrypt the drive and then I should be able ...
user494410
3votes
3answers
1kviews
Is it possible to encrypt sensitive data on a headless embedded device in a secure way?
My company works with Raspberry Pis, where all data (OS, our software, etc) is stored on an SD card. We configure these devices (load our software on them), and send them out into the field (an ...
- 477
1vote
0answers
102views
ansible - Storing generated secrets
I'm having issues understanding how ansible is supposed to store generated secrets safely. Basic example is generating a secret string, which I would like to store in my host_vars for future reference....
- 7,132
2votes
0answers
576views
Is there a way to "map" multiple files into a single file, without writing to disk or RAM?
I've been thinking about different ways files could be hidden, and while encryption is excellent at hiding the contents of files, they're not really good at hiding the fact that files exist. In the ...
0votes
0answers
120views
Can I use TPM-based transparent storage encryption, and have a recovery key?
We have 100ish laptops that run Windows 10 Enterprise with full on Bitlocker encryption, but we want to go away from Windows. I looked at multiple distros but none (and no open-source product) can ...
2votes
0answers
772views
Seal Self Encrypting Disk (sed) password in TPM
I have a Self Encrypted Disk (SED). I'd like to use sedutil to lock the disk, but I want the password to be sealed in the TPM module on board the system, instead of in ATA BIOS. Essentially I want the ...
- 173
4votes
1answer
2kviews
encrypt private keys for dropbear ssh-access
I'd like to use dropbear as an alternative, minimal ssh-server and -client. dropbear allows the use of private-public-keys for ssh-access, although the keys are not identical to the ones used by ...
- 406
0votes
1answer
576views
grub password protection necessary or overkill in an encrypted system?
I run debian with full encryption and wonder why I would also need a password protection for the bootloader...
0votes
2answers
124views
How to verify a public(facebook's) key ? and then sign and trust them
Recently I enabled gpp emails option in facebook. Then they sent me a test mail to check whether I'm able to decrypt that or not. So first I downloaded there public key from Here and imported in my ...
2votes
1answer
643views
Backup a LUKS encrypted device on the cloud
I am going to use LUKS for encryption, however I cannot find a thoughtful manual and best practices how to do so. Here I will list my questions, sorry for naivety. Apparently I don't need to encrypt ...
- 121
