Sthu Deus wrote: >> Once the disk is encrypted, you'll at least need to enter a >> password as a key to decrypt it when it powers on. > > Can the passwords (to run and to read) be different? - So that one > person can all the administration - that is the system is totally open > to him while another person that just lunches it - say after power > failure - only has a password to make it running?
As Eduardo wrote, "running" and "reading" are the same thing here. Entering the password makes decryption by the OS possible. Without the password, the OS can't even read the partition, so it can't run. And once you have the password to decrypt a partition, you can remove the disk and decrypt it on another machine where you have root privileges, gaining access to all the files in the (decrypted) disk. I suspect that you're making an analogy to the BIOS, where there's separate supervisor and user passwords, with different permission levels. That analogy doesn't apply here. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101129165820.ga16...@adsl-64-142-29-25.sonic.net
