LUKS Encryption?

[held]

is LUKS encryption in this Linux release?

The reason I ask is because I will be settings up some CIFS and I hate storing passwords on insecure disks.
And it might be a easier to just buy a 'large' sdcard. But none the less I would like to know

[AngelicLiver]

Why not create a dedicated shared folder with a user with read-only permissions for the MiSTer only? This way you don't have to worry about insecurely stored credentials?

[Bas]

LUKS won't help much here. Someone would need to steal your SD for that. Network based attack is *far* more likely unless you leave your box unattended at parties and the like. But then you'd better off with a second SD for just that purpose.

I agree with the previous suggestion: set up a low privilege account and be done with it.

[held]

Its not only CIFS, also the wpa_supplicant contains your unencrypted WIFI password
I'm keeping this off the network until I have a proper grasp of the buildroot.

[Flandango]

Encrypt your wifi password with wpa_passphrase.

I haven't tested it on Mister since I don't use wifi on it, but i've used on various other platforms and since the command is available on Mister, I don't see why it wouldn't work.
Try something like this:

Code: Select all

wpa_passphrase "MY_SSID" "MYPASSWORD"

From the output, use the un-commented psk line in place of your unencrypted psk line in your wpa_supplicant file.

[Bas]

The MiSTer isn't a very secure device networking or otherwise. That's not its priority. Firewall it off by other means if you must. Mine lives in the guest wifi VLAN.

[held]

@Flandango: perfect

@Bas: I figured as much, those highly exploitable Bluetooth dongles I put in the front probably wont help either