Author: jvoisin Date: To: tails-dev Subject: [Tails-dev] [GSoC] [tails-server] Ideas and challenges about asking
the user's passphrase on boot
Hello,
I have some questions/ideas about tail-server,
especially about the early boot process; and I'd like
to share them to get advices/options.
Directly after boot, Tails-server need to get the user's passphrase to
decipher the persistence USB stick. But since tails-server's target
are broken laptops, or old servers, we need an alternative way that
direct input with a keyboard with display on a screen (of course
keyboard input will still be available).
I think that a good way to get the passphrase would be to setup a
simple webpage, available on the LAN (for now, I only consider that
the machine has one interface : the LAN).
But this raise (at least) two majors concerns:
1. Disclose the server's presence on the network
In order to be able to type his passphrase on the webpage,
the user must know where is his tails-server on his network.
The first (and easiest) solution would be to hardcode
tails-server's ip during the setup of the persistence USB key;
but this solution require to know on which network will tails-server run.
This is why I think that the "best solution" would be to use avahi,
but this may require some digging into tails firewall.
2. Run a webpage
Setup a php/apache seems a little bit overkill; I think that some
python (or perl) magic
will be sufficient. Using https would of course be nice,
but since this implies using self-signed certs (right ?),
it might scare users. Additionally, since tails-server will only run
the "passphrase-webpage" on LAN, man-in-the-middle is unlikely to happen.