| ▲ | g-mork 4 days ago | |
1) steal computer, 2) copy unencrypted SSH host key from it to a new computer (which necessarily must not be stored in the data volume), configured with the network identity of original computer 3) leave new computer in place of original to capture remote SSH-to-unlock attempt 4) use knowledge of password to unlock original's filevault at your leisure somewhere offsite | ||
| ▲ | johncolanduoni 4 days ago | parent [-] | |
I’m not sure if they do this, but nothing would stop Apple from putting the SSH host key in the Secure Enclave. This would prevent the extract the SSH host (private) key step. | ||