If you've activated filevault, what happens when you ssh into your machine? If you're not logged in locally on that machine what do you see in your home directory when you "ls" remotely?
If you've activated filevault, what happens when you ssh into your machine? If you're not logged in locally on that machine what do you see in your home directory when you "ls" remotely?
If you've logged in with the same account, I'd imagine you could see everything just fine.
If you've logged in with the same account, I'd imagine you could see everything just fine.
But the data is stored on an encrypted disk image, right? And it's not mounted. I'd like to use filevault, but I'd also like to be able to remotely access my stuff. Someone with Panther want to try it out?
But the data is stored on an encrypted disk image, right? And it's not mounted. I'd like to use filevault, but I'd also like to be able to remotely access my stuff. Someone with Panther want to try it out?
Do you mean like SSHing in, and then lsing your home directory?
I've used Window XP Pro's Encryption. If you log in as another user, or if you reinstalled windows on another hd so the old files are still intact on the old hardrive. You can see the file names, but if you try opening them, it won't open, it'll create a error that says "username is not correct" I imagine it would be the same with Filevault.
I've used Window XP Pro's Encryption. If you log in as another user, or if you reinstalled windows on another hd so the old files are still intact on the old hardrive. You can see the file names, but if you try opening them, it won't open, it'll create a error that says "username is not correct" I imagine it would be the same with Filevault.
They call that encryption??? That's how it is with any other user in OS X now. Without FileVault. That's gotta be some sort of a joke. What's the point if everyone can see what you've got?
Sorry man... been working instead of playing with File Vault!
Fear not, I'm as curious as you and I'll play with it soon.
Well, I tried it myself. It seems that there is no way to work with your files through SSH if you're not logged in because that "image" is unmounted when you log out. But I've also found that if you log into through the finder and mount the HD, you can mount the encrypted image after typing the password. This is odd because I was under the impression that AFP sent passwords unencryptedly (is that a word?). So, you log into your other computer via afp, send your filevault password to the other computer out in the open. Is there a way to tunnel afp connections through SSH?
If, using a Mac on which you've encrypted your home folder, you start up in target Firewire disk mode, can you get at your own files with the right user name and password? Or are your encrypted files accessible only in the context of being booted up from the hard drive on which your encrypted files reside?
If, using a Mac on which you've encrypted your home folder, you start up in target Firewire disk mode, can you get at your own files with the right user name and password? Or are your encrypted files accessible only in the context of being booted up from the hard drive on which your encrypted files reside?
I suspect it's like what I described above. You would have to enter the password to unencrypt it and then it would be like a regular disk image.
What if I mount a FireWire drive under /Users/MyHome/? (and not under /Volumes...) using a customized /etc/fstab file, will that entire drive be encrypted, too?
And if it is encrypted, what happens when I remove it and take it to another Panther box? Will it ask me for a password when mounted?
Ok, I've tried it out. When I ssh into my server, all I see is a .sparseimage where my stuff should be. There's no way I know of to get to it, at least via the CLI. I suppose their could be a way to remotely mount it, but damned if I know how. Anyone have any ideas? (Short of using the finder to get to it, I can't think of any)
Comments
Originally posted by penseive
If you've activated filevault, what happens when you ssh into your machine? If you're not logged in locally on that machine what do you see in your home directory when you "ls" remotely?
If you've logged in with the same account, I'd imagine you could see everything just fine.
Originally posted by ethar
If you've logged in with the same account, I'd imagine you could see everything just fine.
But the data is stored on an encrypted disk image, right? And it's not mounted.
Originally posted by penseive
But the data is stored on an encrypted disk image, right? And it's not mounted.
Do you mean like SSHing in, and then lsing your home directory?
Originally posted by Xool
Do you mean like SSHing in, and then lsing your home directory?
Yes. More specifically, SSHing in when you aren't logged in locally (so that the data is supposedly "locked up").
Originally posted by Ichiban_jay
I've used Window XP Pro's Encryption. If you log in as another user, or if you reinstalled windows on another hd so the old files are still intact on the old hardrive. You can see the file names, but if you try opening them, it won't open, it'll create a error that says "username is not correct" I imagine it would be the same with Filevault.
They call that encryption??? That's how it is with any other user in OS X now. Without FileVault. That's gotta be some sort of a joke.
Fear not, I'm as curious as you and I'll play with it soon.
Originally posted by Xool
Sorry man... been working instead of playing with File Vault!
Fear not, I'm as curious as you and I'll play with it soon.
Well, I tried it myself. It seems that there is no way to work with your files through SSH if you're not logged in because that "image" is unmounted when you log out. But I've also found that if you log into through the finder and mount the HD, you can mount the encrypted image after typing the password. This is odd because I was under the impression that AFP sent passwords unencryptedly (is that a word?). So, you log into your other computer via afp, send your filevault password to the other computer out in the open. Is there a way to tunnel afp connections through SSH?
If, using a Mac on which you've encrypted your home folder, you start up in target Firewire disk mode, can you get at your own files with the right user name and password? Or are your encrypted files accessible only in the context of being booted up from the hard drive on which your encrypted files reside?
Originally posted by shetline
As long as we're asking file vault questions...
If, using a Mac on which you've encrypted your home folder, you start up in target Firewire disk mode, can you get at your own files with the right user name and password? Or are your encrypted files accessible only in the context of being booted up from the hard drive on which your encrypted files reside?
I suspect it's like what I described above. You would have to enter the password to unencrypt it and then it would be like a regular disk image.
Originally posted by penseive
This is odd because I was under the impression that AFP sent passwords unencryptedly (is that a word?).
AFP does not sent the passwords in plain text.
Originally posted by Henriok
AFP does not sent the passwords in plain text.
Good. Thanks.
What if I mount a FireWire drive under /Users/MyHome/? (and not under /Volumes...) using a customized /etc/fstab file, will that entire drive be encrypted, too?
And if it is encrypted, what happens when I remove it and take it to another Panther box? Will it ask me for a password when mounted?
What if I take it to a Jag box? Hmmm...
A PC? LOL
A OS 9 Mac? LOL