I wanted to create iso linux image, dm-crypt with LUKS enabled. I wanted to write many hard disks with that ISO created, with different passwords. When i was browsing online regarding this, got the below statement from a website.
CLONING/IMAGING: If you clone or image a LUKS container, you make a copy of the LUKS header and the master key will stay the same! That means that if you distribute an image to several machines, the same master key will be used on all of them, regardless of whether you change the passphrases. Do NOT do this! If you do, a root-user on any of the machines with a mapped (decrypted) container or a passphrase on that machine can decrypt all other copies, breaking security.
So would like to know your thoughts on the same, so that disk-encryption is maintained and the task has to be automated.
Thanks in advance...
Bookmarks