System authentication with USB/path

Topics: Feature Requests, Technical Issues, Users Discussion
Dec 27, 2015 at 2:49 PM
Edited Dec 27, 2015 at 2:50 PM
Hi,

is there no way I can login into my system without being in front of it? I thought about a raspberry solution with the keyfile on it and if Veracrypt detects it on startup it should login automatically.

I've switched from TC in hope VC can do that.
Dec 28, 2015 at 5:01 PM
I don't quite understand what are you trying to achieve. Explain "without being in front of it". The purpose of VC and encryption is that your data won't be accessible to anyone but you (which you prove - in front of it - by providing a password or keyfile).

You want to leave your system somewhere alone, after a power failure it autoboots and fills password itself? So when police/thief/cleaning lady comes in and takes your equipment including your "password typing machine", then why do you need to encrypt that at all? ;-)

You can create encrypted virtual machine on remote system, or just encrypt non system partitions with data. After a power failure you can securely log in from remote place (via openssl encrypted tunnel) and mount with passwords. Best password storage is your brain and best password typing machine is you. If you force your system to somehow remember the password, it has to be stored somewhere. The stored password can be exploited and it renders the encryption useless.

Keep in mind, that when adversary gets his hands to your mounted system, with proper equipment he can clone and steal your data even without knowing your password.
Dec 28, 2015 at 5:48 PM
Edited Dec 28, 2015 at 5:49 PM
@testoslav
Thanks firstly for your reply!

Actually you are right. I want to run an application on a raspberry pi (which is also encrypted btw) and say to my smartphone app (after entering the password) encrypt the pi and enter the password for the VC boot loader to run the system and decrypt it again. Is this more clear? :)
Dec 29, 2015 at 8:12 PM
Edited Dec 29, 2015 at 8:13 PM
Thanks, but now I don't understand you at all :-) You want to emulate keyboard with PI, or you have VC for linux running on the PI?
Dec 29, 2015 at 9:19 PM
Emulating is my last option, yes. I wanted a VeraCrypt solution but it seems it doesn't support it at all. But thanks for your effort! :)