Security improvement idea

[GoogleCodeExporter]

Would it be possible to add an option to enable ATA auto unlock security 
feature ?

One of possible idea is that the user may have two disks:
- one with actual data protected by hardware encryption supported by some 
drives,
  and locked with user password.
- second one (possibly flash disk) with key stored on it

If the system is booted without flash disk the encrypted disk will not be 
'ulocked'.
If however the flash disk is present the disk will be unlocked and mounted 
normally,
using password stored on the flash disk.

All of this could be done usind hdparm and --security-unlock option.

How do you think about this ?

Original issue reported on code.google.com by Artur.Sz...@gmail.com on 17 May 2014 at 8:06

[GoogleCodeExporter]

I want to remind you that we are talking about a router ;)

Original comment by Dr.Sydorenko.O on 17 May 2014 at 2:31

[GoogleCodeExporter]

Yes indeed, therefore it may be useful since some users have hard drives
connected to it, and some of them are running torrents, or ftp and therefore
the content may need protection in case that the drive is stolen or possessed 
by any other unauthorized "authorities". It may be a good defense because once 
the router is powered off or the drive will become disconnected it can't be 
unlocked again without having the usb flash key or knowing the right password 
to unlock the drive. 

Original comment by Artur.Sz...@gmail.com on 17 May 2014 at 5:03

[GoogleCodeExporter]

It can be easy done on systems, which support pam. I don't think it is required 
here, really =)

Original comment by d...@soulblader.com on 17 May 2014 at 7:01

• Changed state: Invalid