Skip to main content
Information Security

Questions tagged [luks]

Ask Question

LUKS (Linux Unified Key Setup) is a disk-encryption specification.

157 questions
Newest Active Bountied Unanswered
5 votes
1 answer
795 views

I noticed that with Linux pam-u2f module whether you are required to input your PIN can be changed by simply editing ~/.config/Yubico/u2f_keys file and either adding +pin to your configuration line or ...
ojs's user avatar
  • 151
0 votes
0 answers
113 views

I'm trying to attack LUKS header for an assignment. I have to use john and I need to crack the sha256 hash. I made a virtual partition using dd to simulate a storage device on Kali. I encrypted it ...
Sbanz's user avatar
  • 1
12 votes
3 answers
4k views

I read the following article and it says to "Stuff random data to the device" (using shred) before encrypting with LUKS. How to enable LUKS disk encryption with keyfile on Linux Why would ...
AlanQ's user avatar
  • 121
1 vote
1 answer
203 views

I added a FIDO2 token to my encrypted root parition with systemd-cryptenroll <DISK> --fido2-with-client-pin=true \ --fido2-with-user-presence \ --fido2-device=auto The tool has three ...
Janning Vygen's user avatar
  • 135
2 votes
3 answers
1k views

Question 1: Can you confirm that in a full disk encryption setup like BitLocker, when we normally boot the system, use the password, and log in, the key to decrypt the disk is loaded into RAM? If so, ...
allexj's user avatar
  • 537
3 votes
1 answer
810 views

I remember about 90% of my password used for encrypting the persistent user data file system (stored as knoppix-data.aes) while setting up Knoppix a few years ago and would now like to explore the ...
sarahstern's user avatar
  • 33
2 votes
1 answer
791 views

Its a tale as old as full-disk encryption. Another victim of complicated passwords succumbs to LUKS on the Linux system. I recently changed my LUKS encrypted drive password on a laptop, but my laptop ...
Asci's user avatar
  • 21
5 votes
0 answers
150 views

I use Linux on my laptop and I do Full Disk Encryption with the LUKS keys enrolled into TPM2 against proper PCRs to make sure firmware, UEFI and Secure Boot setup are in a known-good state. ...
deniable_encryption's user avatar
  • 51
0 votes
1 answer
307 views

From what I understand, argon provides a delay between password attempts. Does luks allow increasing or reducing the delay?
CarriMegrabyan's user avatar
  • 121
3 votes
2 answers
3k views

The luksFormat command accepts iteration time as a parameter, not iterations. That obviously leads to quite different number of iterations depending on the hardware doing the encryption. However if ...
graywolf's user avatar
  • 445
1 vote
1 answer
441 views

I am trying to understand the risks of configuring passwordless decryption via TPM of a LUKS/dm-crypt system with something like: systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+1+2+3+4+5+7+8 /...
StrongBad's user avatar
  • 301
0 votes
1 answer
151 views

I have developed a web service for customer. The web service is written in Python and running in Docker containers. It is managed by docker compose. The customer wants my web service to run on their ...
harry_tums's user avatar
  • 1
1 vote
1 answer
1k views

I'm looking into hardening an embedded device using TPM2 with an encrypted root (/) Linux partition. I've found various articles explaining how to embed LUKS keys into the TPM (eg this one). Unless ...
Philip Couling's user avatar
  • 153
0 votes
1 answer
1k views

If a person finds an old hard drive that was partially overwritten and let's say 1GB of that wasn't and was formerly used for part of a LUKS encrypted partition, what is the risk that such data, which ...
ppppppp2's user avatar
  • 1
1 vote
1 answer
345 views

I am stuck with an issue of needing a break glass account on remote laptops. It's a bit a strange situation. The laptops are built and rebuilt remotely using a small PXE setup that goes with the ...
scrapps's user avatar
  • 11

15 30 50 per page
1
2 3 4 5
11