Mailinglist Archive: opensuse (2532 mails)

< Previous Next >
Re: [opensuse] decrypting LUKS partitions without passphrase
  • From: Sam Clemens <clemens.sam1@xxxxxxxxx>
  • Date: Sat, 03 May 2008 21:56:35 -0400
  • Message-id: <481D17D3.5050804@xxxxxxxxx>
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



The Saturday 2008-05-03 at 18:08 -0400, Sam Clemens wrote:

Is there a specific reason you are encrypting swap?

It is standard procedure.

Think: your portable is hibernated and then stolen.

Hint:

The password to mounted encrypted partition is in clear text in memory, thus, in the swap. And any thing you may have opened.



Hint.. if you're portable is hibernated, then when the
thief restarts it, all of your partitions are already
mounted with good passwords, and can be perused by
merely doing

$ strings /dev/kmem | more
$ strings /dev/mem | more

or alternatively


$ for f in /proc/*/mem
do
strings $f | less
done
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >