[TriLUG] best way to hack root...
Alan Porter
porter at trilug.org
Fri Feb 22 09:57:32 EST 2013
> Ecrypted files systems are great until you forget the passphrase. Then you have NO options.
On the two systems that I use full-disk encryption, I have multiple keys
and I store the "backup" one in a "safe place".
On my Linux laptop, I use LUKS, which supports up to 8 passphrases for a
single volume. I assign two passphrases -- one to use every day, and a
second that is harder to remember (I think I just did "$(date | md5sum)"
and cut-pasted it in). I printed the second passphrase on a small piece
of paper and filed it in a "safe place" -- think "geocache in the woods"*.
On my Macbook, I use their built in "File Vault". It has the same
setup, using both my user password and a secondary backup passphrase. I
took a photo of the generated backup passphrase, printed it out, and
then went for a hike in the woods.* Apple also offers an optional
service of storing your disk passphrase on their servers -- I declined that.
* OK, really, I did not hide those papers in the woods. But that sure
does appeal to the über-paranoid side of me. Apparently, that side
likes to go hiking.
--
# Alan Porter
More information about the TriLUG
mailing list