Yubikeys are now supported
Paul Wouters
paul at xelerance.com
Fri Oct 8 21:48:34 UTC 2010
On Fri, 8 Oct 2010, Nathanael D. Noblet wrote:
> On 10/07/2010 10:58 PM, Paul Wouters wrote:
>> One usage of yubikey I would like very much is as storage for the AES
>> encryption key for disk encryption. I'd prefer the disk crypto key to
>> not be on the disk at all, protected by just a passphrase. It would be
>> nice to have it on a yubikey instead.
>
> I just ordered a yubikey for this express purpose, we have a product
> under development that has an encrypted partition that gets decrypted by
> a key on a USB thumbdrive - not the best... When I saw these I
> immediately thought I should see about getting them used to unlock
> encrypted partitions!... I'll keep you informed.
Note that yubikeys are not (yet) usable for this. You cannot request the
AES key from it (AFAIK), only an OTP. And the OTP can also not be used to unlock
an AES key on the harddisk because it is different for each activation.
Paul
More information about the devel
mailing list