View previous topic :: View next topic |
Author |
Message |
bernhardd n00b
Joined: 31 Aug 2012 Posts: 8
|
Posted: Fri Aug 31, 2012 7:57 pm Post subject: Storing luks passphrase in a variable during early boot |
|
|
Hi,
I have two luks partitions for root and swap with the same passphrase. Is it unsafe to read the passphrase into a variable and pipe it to cryptsetup in the initramfs init script:
Code: |
#!/bin/busybox sh
KMAP=binay keymap file
CRYPT_ROOT_UUID=uuid of the root partition
CRYPT_SWAP_UUID=uuid of the swap partition
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devtmpfs none /dev
loadkmap < /etc/$KMAP
read -s PASSP
echo "$PASSP" | /sbin/cryptsetup luksOpen $(findfs UUID=$CRYPT_ROOT_UUID) root
echo "$PASSP" | /sbin/cryptsetup luksOpen $(findfs UUID=$CRYPT_SWAP_UUID) swap
SWAP_MAJ=$(stat -c 0x%t /dev/mapper/swap)
SWAP_MIN=$(stat -c 0x%T /dev/mapper/swap)
echo $((SWAP_MAJ)):$((SWAP_MIN)) > /sys/power/resume
mount -o ro /dev/mapper/root /mnt/root
umount /proc
umount /sys
umount /dev
exec switch_root /mnt/root /sbin/init
|
What happens to PASSP after the switch to real root? |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Fri Aug 31, 2012 8:38 pm Post subject: |
|
|
it should not be unsafe to do this
a keyfile store in memory is a keyfile stored in memory, whether it's before or after you switch_root
doing this doesnt open you up to any *new* attacks, but there still exists the possibility of men i black suits taking something really cold to your memory sticks, dumping them, and analyzing the dump for your cleartext key at their leisure
protecting against that requires something like TRESOR, but I'm not terribly convinced I trust TRESOR yet. _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
bernhardd n00b
Joined: 31 Aug 2012 Posts: 8
|
Posted: Fri Aug 31, 2012 9:59 pm Post subject: |
|
|
Thanks for your help cach0rr0. If I get you right the passphrase will stay in memory after early boot, but won't be accessbile through PASSP from inside the booted OS. Nor will it find its way into the OS by logging or something like that. |
|
Back to top |
|
|
cach0rr0 Bodhisattva
Joined: 13 Nov 2008 Posts: 4123 Location: Houston, Republic of Texas
|
Posted: Fri Aug 31, 2012 11:13 pm Post subject: |
|
|
bernhardd wrote: | Thanks for your help cach0rr0. If I get you right the passphrase will stay in memory after early boot, but won't be accessbile through PASSP from inside the booted OS. Nor will it find its way into the OS by logging or something like that. |
if you were to pass the variable to ${PASSP} to /sbin/init in your switch_root statement, it would be available/visible to the OS
otherwise, it will not.
again though, it doesn't make a ton of difference as far as the recoverability of the key goes.
the key is still going to be cleartext in memory, whether it's the initramfs storing it as a variable, or the OS storing it in memory after switch_root
so in either case, if someone can read your memory, they can read your key. _________________ Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash |
|
Back to top |
|
|
bernhardd n00b
Joined: 31 Aug 2012 Posts: 8
|
Posted: Sat Sep 01, 2012 8:16 am Post subject: |
|
|
Thanks. |
|
Back to top |
|
|
|