You can reboot your full-disk-encryption server while you sleep. Obligatory plug: <https://www.recompile.se/mandos>
Disclosure: I am a co-author of Mandos.
Has this solution been audited? In particular, is it safe against replay attacks by actors listening in to the network traffic?
Also, from the diagram it looks like the secret key is stored unencrypted on the server, or do I read it wrong?
Thank you for this. I will almost certainly be deploying that.