From: Dale <rdalek1967@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Encrypted drive setup at login and locking on logout.
Date: Mon, 6 Jul 2020 01:37:19 -0500 [thread overview]
Message-ID: <b04b4b78-ee35-8908-9311-5e65f0d5be9d@gmail.com> (raw)
In-Reply-To: <ac1f7450-052f-7318-a4ed-2eb4ebc6aef1@iinet.net.au>
[-- Attachment #1: Type: text/plain, Size: 2299 bytes --]
William Kenworthy wrote:
> Hi Dale, I looked at Veracrypt and ran into the fact that it on windows
> Veracrypt MUST be installed by an administrator which is a blocker for
> using USB keys on computers I don't control (such as transporting files
> securely between locations - i.e., where there is potential to lose the
> usb key):
>
> see
> https://www.veracrypt.fr/en/Using%20VeraCrypt%20Without%20Administrator%20Privileges.html
>
> BillK
>
Does that mean that on windoze a person can open a encryted USB stick
without a password? From what I read, it sounds like it doesn't put the
stick at risk, as long as you are not using key files or sharing your
password by storing it somewhere. It just means you have to be admin to
install Veracrypt but not to access a encrypted USB stick. From the way
it sounds, you insert USB stick, run Veracrypt, enter password, do what
you want with the stick, close it and then remove the stick. Or am I
missing something?
I might add, when I use cryptsetup and mount a external drive I use, I
do that as root. Since my password is only in my head, no password, no
access root or not, right?
I'm new to this encrypted thing. I'm learning but don't know all of it
and may never know all of it. I figured out the other day that when I
select a two part or three part encryption, it actually encrypts the
thing twice or three times. It's like having to pick two or three locks
on a door instead of one. Only they have to be done in order and you
don't really have a way to know if you did it right until you figure out
the rest. I bet that drives the NSA and other Govts nuts. lol
By the way, the USB stick will have instructions about things after I'm
buried or whatever. I plan to keep the USB stick in a safe and share
the password with the person that will be taking care of things. When
I'm gone, they can open the USB stick to access files on what to do and
such. Until I'm gone, they won't know what is on the stick or have
access to it. Getting older makes one think about these things. :/
External drives will have things that when I'm gone, they gone too.
I just wonder how many encryption tools have been cracked that we don't
know about. It's not like they going to tell us or anything.
Dale
:-) :-)
[-- Attachment #2: Type: text/html, Size: 2978 bytes --]
next prev parent reply other threads:[~2020-07-06 6:37 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-04 2:23 [gentoo-user] Encrypted drive setup at login and locking on logout Dale
2020-07-04 3:49 ` Francesco Turco
2020-07-04 13:01 ` Michael
2020-07-06 4:49 ` Dale
2020-07-06 5:24 ` William Kenworthy
2020-07-06 6:37 ` Dale [this message]
2020-07-06 9:05 ` William Kenworthy
2020-07-06 9:46 ` Dale
2020-07-06 10:17 ` Neil Bothwick
2020-07-06 11:02 ` Rich Freeman
2020-07-06 8:21 ` Neil Bothwick
2020-07-06 9:53 ` Dale
2020-07-06 10:19 ` Neil Bothwick
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b04b4b78-ee35-8908-9311-5e65f0d5be9d@gmail.com \
--to=rdalek1967@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox