Language Selection

English French German Italian Portuguese Spanish

LUKS mermaids of remote unlock

Filed under
Security

Recently, I’ve browsed several how-to’s regarding the possibility of unlocking a LUKS root volume remotely using an SSH connection. For reference, the first of its kind is the one for Debian, published at Coulmann.de. Some of these how-to’s were posted to forums and mailing-lists and received many thankful comments from sysadmins wondering how to make their encrypted secure setup also easy to administrate.

The problem with their approach is simple: they asked how to fix their setup, but forgot to ask what they’re trying to protect. Having your root filesystem on an encrypted disk doesn’t protect you from remote exploitation or credential leaks. It just protects you from the risk of someone being able to access your machine locally and steal your data, or just steal the whole machine altogether. Now, if I were an attacker having access to your hardware locally,

I could easily setup a trap for you in less than 5 minutes:




More in Tux Machines

Simplenote want developers to make a GNU/Linux implementation

Matt Mullenweg founder and CEO of Automattic which is responsible for WordPress.com has reached out to people who develop software on the GNU/Linux platform to find someone who will bring the Simplenote application to GNU/Linux. Read more

How to set up Raspberry Pi, the little computer you can cook into DIY tech projects

You don't need an electrical engineering degree to build a robot army. With the $35 Raspberry Pi B+, you can create robots and connected devices on the cheap, with little more than an Internet connection and a bunch of spare time. The Raspberry Pi is a computer about the size of a credit card. The darling of the do-it-yourself electronics crowd, the Pi was originally designed to teach kids computer and programming skills without the need for expensive computer labs. People have used Raspberry Pis for everything from robots to cheap home media centers. The Pi sports USB ports, HDMI video, and a host of other peripherals. The latest version, the B+, sports 512MB of RAM and uses a MicroSD card instead of a full-size card. Read more

LibreOffice Ported To 64-bit ARM (AArch64)

As more and more open-source programs get brought up for 64-bit ARM, LibreOffice is the latest to receive such AArch64 enablement. As of today in LibreOffice Git is the initial AArch64 support. Over one thousand new lines of code were added to LibreOffice by Red Hat's Stephan Bergmann for allowing the open-source office suite to build on the ARMv8 64-bit architecture. LibreOffice already runs on many CPU architectures from x86 to Alpha and SPARC with ARM64 just being the latest. Read more

SUSE's Flavio Castelli on Docker's Rise Among Linux Distros

Docker has only gained traction since its launch a little over a year ago as more companies join the community's efforts on a regular basis. On July 30, the first official Docker build for openSUSE was released, making this distribution the latest among many to join the fray. I connected with Flavio Castelli, a senior software engineer at SUSE, who works extensively on SUSE Linux Enterprise and has played a major role in bringing official Docker support to openSUSE. In this interview, he discuses the importance of bringing Docker to each Linux distribution, the future of Docker on SUSE Linux Enterprise, and other interesting developments in the Docker ecosystem. Read more