netbsd-users: Re: portable encrypted CD/USB

Subject: Re: portable encrypted CD/USB
To: Thilo Jeremias <jeremias@optushome.com.au>
From: Stefan 'Kaishakunin' Schumacher <stefan@net-tex.de>
List: netbsd-users
Date: 05/15/2007 14:02:56
--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Also sprach Thilo Jeremias (jeremias@optushome.com.au)
> Douglas Allan Tutty wrote:
> >I see in the netbsd guide about using the CGD to create an encrypted CD.
> >It does note that such a CD can't be read with any other OS.
> >
> >Does anyone know of a tool to do something similar that is cross-OS
> >between especially NetBSD and Debian GNU/Linux?  Ideally, it wouldn't be
> >limited to CD but could be used on e.g. USB sticks.
> >
> >Thanks,
> >
> >Doug.

 =20
> How well ported is cfs? Does it still only use des ? ( I would hihgly=20
> advise against des (even 3des wouldn't be my choice)

CFS supports 3DES, MacGuffin and Blowfish. I use it since 2001, first
for ~stefan, but since CGD is available I only encrypt some
directories (~/mail, ~/.gnupg and so) which shall be protected even if
CGD is configured and mounted.=20

I keep a Howto for CFS at [1] or [2] and use it still to protect CDs
and flash sticks. I tested it with some friends on NetBSD, FreeBSD,
OpenBSD and Gentoo-Linux, so it is currently the most portable crypto
fs at least in a unix world.=20

If one only uses NetBSD, one could use CGD on a container. Simply
create a file as container with dd, vnconfig it and create a CGD layer
and a filesystem on. Then write it onto a CD.


[1] http://net-tex.dnsalias.org/~stefan/nt/unix/cfs.html
    english Howto on CFS on NetBSD
[2] http://net-tex.dnsalias.org/~stefan/nt/netbsd/advocacy/guug-uptimes-cgd=
_cfs.pdf
    German article on CGD and CFS on NetBSD, published in the UpTimes
	Dec. 2006

--=20
PGP FPR: CF74 D5F2 4871 3E5C FFFE  0130 11F4 C41E B3FB AE33
http://www.net-tex.de                                =20
http://www.cryptomancer.de
--=20
Worum haben die Menschen von Kindesbeinen an gebetet, wovon haben sie getr=
=E4umt,
womit haben sie sich gequ=E4lt? Da=DF irgendeiner ihnen ein f=FCr allemal s=
age, was das
Gl=FCck ist, und sie mit einer Kette an dieses Gl=FCck schmiede. Und ist di=
es nicht=20
gerade das, was wir tun? Der uralte Traum vom Paradies ...
Jewgenij Iwanowitsch Samjatin, =BBWir=AB

--W/nzBZO5zC0uMSeA
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (NetBSD)

iD8DBQFGSaFwEfTEHrP7rjMRAqQmAJ9yGQ+rah8CgmkAHvi0wVlYr3ReigCgtdhQ
F79nhXJwWdQSNJ2ChplZnAc=
=v+ol
-----END PGP SIGNATURE-----

--W/nzBZO5zC0uMSeA--