USBGuard integration next to encryption? - users - Fedora Mailing-Lists

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

1997

1996

1995

1994

1993

1992

1991

1990

1989

1988

1987

1986

1985

1984

1983

1982

1981

1980

USBGuard integration next to encryption?

Running VirtualBox Crashes Other...

Cockpit as root

Hoppár Zoltán

Friday, 14 April 2023 Fri, 14 Apr '23

4:04 a.m.

Hi, I think it would be an interesting option to have USBGuard integrated as part of the Workstation, and have "hardening" option to the kernel too at install together with encryption?

Reply

Show replies by date

Christian Stadelmann

Sunday, 16 April Sun, 16 Apr

7:01 a.m.

What does USBGuard have to do with encryption? As far as I know, USBGuard is used for blocking unwanted USB devices. You can have disk encryption with or without USBGuard (or the other way round). You can install usbguard on workstation if you want. It is a bit tricky to setup though,as you can lock yourself out of your system quite easily.

Reply

Jonathan Billings

8:46 a.m.

On Apr 16, 2023, at 08:01, Christian Stadelmann <genodeftest(a)fedoraproject.org> wrote:

What does USBGuard have to do with encryption? As far as I know, USBGuard is used for blocking unwanted USB devices. You can have disk encryption with or without USBGuard (or the other way round). You can install usbguard on workstation if you want. It is a bit tricky to setup though,as you can lock yourself out of your system quite easily.

I believe Hoppár was saying that the Fedora installer should have a OS hardening option along side the encryption option. The installer would then enact policies such as USBGuard. There is already something like this, in the OpenSCAP anaconda plugin. I imagine USBGuard could be incorporated into the existing security policy options that are managed by OpenSCAP, if it any already. (I recall it was configured in one of the STIGs) -- Jonathan Billings

Reply

386

days inactive

388

days old

users@lists.fedoraproject.org

Manage subscription

2 comments

3 participants

tags (0)

participants (3)

Christian Stadelmann
Hoppár Zoltán
Jonathan Billings