Mailing List Archive

Boot CD for secure remote access
I've been chewing on this idea for a while and am hoping someone on the
list may help me with a concern.

The notion is that big company B will distribute CDs to employees to use
for remotely accessing things like mail, corporate Intranet, etc. The
disk contains two bootable images. One is "normal" and is the first to
load. The second squashed image is encrypted in a manner that the first
image can decrypt.

The first image loads, connects to Corp B and authenticates the user.
At that point the key to decrypt the second image is provided and the
computer chroots to the second image. This environment is considered
trusted and access is provided into Corp B.

This seems fairly straightforward but then why isn't anyone doing this
already? What haven't I considered?

It's easy to use the word encryption but is much harder to make it work.
Any recommendations on projects I should look at that may be suitable
for this purpose?

thanks,
Jeff

________________________________

Jeff Gercken <mailto:jeffg@kizan.com>

502-292-4838 office

502-292-5238 fax

www.kizan.com <http://www.kizan.com/>

________________________________
Re: Boot CD for secure remote access [ In reply to ]
On Wed, 2005-11-23 at 15:29 -0500, Jeff Gercken wrote:

[snip brainstorm]

>
> This seems fairly straightforward but then why isn't anyone doing this
> already? What haven't I considered?
>
> It's easy to use the word encryption but is much harder to make it
> work. Any recommendations on projects I should look at that may be
> suitable for this purpose?

Hardened has a ~500 meg livecd for the x86 arch which may work for your
needs. You can use it for many things like forensics of a compromised
computer, rescue cd, install cd, work station, misc appliance. It
combines a squashfs + unionfs so you can save/load data or quickly add
a package from a usb keychain and a number of other useful tools for the
security minded admin. I'm not a cryptographic freak myself but I don't
see any reason why the personal encrypted data you wanted to load could
not come from the usb device. Questions, suggestions, ideas for
improvements can be sent to the gentoo-hardened mailing list.
Default console-only login is "hardened" with the password "hardened"; the
hardened user can sudo to root.

http://gentoo.osuosl.org/experimental/x86/hardened/livecd/hardened-x86-2005.1.iso


--
Ned Ludd <solar@gentoo.org>
Gentoo Linux

--
gentoo-security@gentoo.org mailing list
Re: Boot CD for secure remote access [ In reply to ]
On Wednesday 23 November 2005 21:29, Jeff Gercken wrote:
> I've been chewing on this idea for a while and am hoping someone on the
> list may help me with a concern.
>
> The notion is that big company B will distribute CDs to employees to use
[...]
> This seems fairly straightforward but then why isn't anyone doing this
> already? What haven't I considered?

Hi,

sounds interesting (and I personally like this idea), but I think it is much
easier/more reliable (but also more expensive) for a company to equip their
employees with special pre-installed notebooks that have an encrypted
filesystem together with some kind of hardware token for authentication.

The problem is, if you cannot trust the hardware you're booting the CD from,
then there is not much use in any well-designed security boot CD. Just think
of tampered hardware with some kind of hardware keylogger installed (for
example http://www.keyghost.com/).

I think this is just one aspect of why so many companies spend so much money on
expensive notebooks for their external workers: they have control over the
software _and_ the hardware.

Maybe the use of TPA-Architectures will solve this problem in the future
(*lol*), but I think this is a completely different story :)

regards,
Helmut


--
Helmut Wuensch, Dompfaffstr. 140, 91056 Erlangen
PGP/GPG public key available at http://www.helmut-wuensch.de
fingerprint: 20B7 519F 8912 4606 F516 FF2D 417E EF82 5C9E 235A
Re: Boot CD for secure remote access [ In reply to ]
> I've been chewing on this idea for a while and am hoping someone on the
> list may help me with a concern.
>
> The notion is that big company B will distribute CDs to employees to use
> for remotely accessing things like mail, corporate Intranet, etc. The
> disk contains two bootable images. One is "normal" and is the first to
> load. The second squashed image is encrypted in a manner that the first
> image can decrypt.
>
> The first image loads, connects to Corp B and authenticates the user.
> At that point the key to decrypt the second image is provided and the
> computer chroots to the second image. This environment is considered
> trusted and access is provided into Corp B.

Because the CD provided to all the users is encrypted with the same key, and
this key is not session based, replay attacks are possible.

>
> This seems fairly straightforward but then why isn't anyone doing this
> already? What haven't I considered?
>
> It's easy to use the word encryption but is much harder to make it
> work. Any recommendations on projects I should look at that may be
> suitable for this purpose?
>
> thanks,
> Jeff
>
> ________________________________
>
> Jeff Gercken <mailto:jeffg@kizan.com>
>
> 502-292-4838 office
>
> 502-292-5238 fax
>
> www.kizan.com <http://www.kizan.com/>




--
gentoo-security@gentoo.org mailing list
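The following is an added example, not code from anyone in this thread. It models the "first image authenticates, then receives the key for the second image" step from the original post in two variants, so the replay concern raised in the last reply can be checked concretely: in the first variant the key release is the same on every run and a recorded exchange can simply be replayed; in the second the server issues a fresh nonce per session, the client proves possession of a user secret over that nonce, and the image key comes back wrapped under a per-session key, so a recorded proof is useless against a later challenge. The user name, the enrolment secret, the image key value, the HMAC-based KDF and the XOR wrapping are all assumptions made for this illustration and are deliberately simplified (stdlib only, no real transport).

```python
"""Model of the boot-CD key release discussed in this thread (added example,
not from the original post). Everything below is constructed for illustration:
one image key shared by every CD (as the post describes) and one enrolled user.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed sample data, fixed so the example is reproducible.
IMAGE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)   # 32 bytes
USERS: Dict[str, bytes] = {
    "jeff": hashlib.sha256(b"enrolment-secret-for-jeff").digest(),  # assumed secret
}


def _kdf(secret: bytes, nonce: bytes) -> bytes:
    """Derive a 32-byte per-session wrapping key (HMAC-SHA256 used as a simple KDF)."""
    return hmac.new(secret, b"image-key-wrap" + nonce, hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _proof(secret: bytes, nonce: bytes) -> bytes:
    """Client's proof of possession of the user secret, bound to the nonce."""
    return hmac.new(secret, b"auth" + nonce, hashlib.sha256).digest()


class StaticServer:
    """Variant 1: check a static credential, hand back the shared image key."""

    def release(self, user: str, credential: bytes) -> Optional[bytes]:
        if hmac.compare_digest(USERS.get(user, b""), credential):
            return IMAGE_KEY
        return None


class SessionServer:
    """Variant 2: challenge-response; the key is wrapped under a per-session key."""

    def __init__(self) -> None:
        self._pending: Dict[str, bytes] = {}

    def challenge(self, user: str) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending[user] = nonce       # a new challenge replaces any older one
        return nonce

    def release(self, user: str, proof: bytes) -> Optional[bytes]:
        nonce = self._pending.pop(user, None)   # each nonce is usable exactly once
        secret = USERS.get(user)
        if nonce is None or secret is None:
            return None
        if not hmac.compare_digest(_proof(secret, nonce), proof):
            return None
        # Toy wrapping: XOR with a fresh derived 32-byte key; the pad is unique per
        # nonce, and an eavesdropper without the secret cannot derive it.
        return _xor(IMAGE_KEY, _kdf(secret, nonce))


def client_session(server: SessionServer, user: str, secret: bytes) -> Optional[bytes]:
    """What the first (boot) image would do before mounting the second image."""
    nonce = server.challenge(user)
    wrapped = server.release(user, _proof(secret, nonce))
    return None if wrapped is None else _xor(wrapped, _kdf(secret, nonce))


def static_replay_succeeds() -> bool:
    """Variant 1: the recorded request yields the same key again, any time later."""
    server = StaticServer()
    recorded = ("jeff", USERS["jeff"])       # what an eavesdropper saw on the wire
    first = server.release(*recorded)
    replayed = server.release(*recorded)
    return first == IMAGE_KEY and replayed == IMAGE_KEY


def session_replay_fails() -> bool:
    """Variant 2: a recorded proof is rejected once a new challenge has been issued."""
    server = SessionServer()
    secret = USERS["jeff"]
    legit_ok = client_session(server, "jeff", secret) == IMAGE_KEY
    # The attacker records the victim's proof and wrapped reply from one session...
    nonce = server.challenge("jeff")
    recorded_proof = _proof(secret, nonce)
    recorded_reply = server.release("jeff", recorded_proof)
    # ...the reply alone does not expose the key, and replaying the proof
    # against the server's next challenge fails.
    server.challenge("jeff")
    replay = server.release("jeff", recorded_proof)
    return legit_ok and recorded_reply != IMAGE_KEY and replay is None
```

The second variant protects only the release step. The image key itself is still one key burned into every CD, which is exactly the point the last reply makes; nothing in the handshake changes that, and a key obtained from a booted client by other means (the hardware keylogger scenario in Helmut's reply) still opens every copy.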