(oddlama.org)

189 points arjvik | 1 comments | 17 Jan 25 03:00 UTC | HN request time: 0s | source

Show context

acheong08 ◴[17 Jan 25 04:12 UTC] No.42733994[source]▶

I don't understand why anyone would use passwordless disk encryption. It just seems inherently vulnerable, especially with the threat model of physical compromise.

Entering a password on boot isn't even that much work

replies(19): >>42734012 #>>42734073 #>>42734132 #>>42734171 #>>42734304 #>>42734370 #>>42734375 #>>42734397 #>>42734516 #>>42734734 #>>42734841 #>>42734892 #>>42734925 #>>42735445 #>>42736160 #>>42739068 #>>42740673 #>>42741392 #>>42742256 #

mcny ◴[17 Jan 25 04:25 UTC] No.42734073[source]▶

>>42733994 #

> Entering a password on boot isn't even that much work

It is on fedora. I wabt the latest packages and I want to install them with dnf offline upgrade but now I need to put in password twice once for the updates d again for next boot. If it is a server, I don't want to keep a monitor attached to it just to enter the password. I want the computer to just boot.

There has to be a better way.

replies(5): >>42734160 #>>42734307 #>>42734850 #>>42734871 #>>42735746 #

1. johnisgood ◴[17 Jan 25 07:01 UTC] No.42734850[source]▶

>>42734073 #

There is: https://news.ycombinator.com/item?id=42734841.

↑

Bypassing disk encryption on systems with automatic TPM2 unlock