Subject: Re: initramfs - CGD root
To: Tobias Nygren <tnn@NetBSD.org>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: netbsd-users
Date: 07/01/2007 00:46:43
--eQ8QKBgzzGzhafWG
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jun 30, 2007 at 11:31:49PM +0200, Tobias Nygren wrote:
> On Sat, 30 Jun 2007 22:44:10 +0200
> Jan Danielsson <jan.m.danielsson@gmail.com> wrote:
> > Quick question. Is it at all possible to boot NetBSD from a USB
> > memory key? If so, is it possible to do so that I can boot from it, then
> > remove it once the system is running?
> >=20
> > As you have (probably) already gathered, I want to encrypt /, and I'd
> > like to physically separate the key from the hard drive.
>=20
> Theoretically it should be possible to use md(4) to create
> a minimal enviroment with an /etc/rc that configures a cgd,
> mounts it over / and jumpstarts the new /etc/rc.
> I've been meaning to try that approach when I get around to
> upgrading my laptop.

i am using such setup for more than two years now so i would be tempted
to say it is possible.

--=20
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --

--eQ8QKBgzzGzhafWG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (NetBSD)

iD8DBQFGht1TiwjDDlS8cmMRAuK3AJ4pzmD9Pkg/ZGeH2sP5ApHftXa9/gCfYWvW
2UrYFgPTmCaQNdENkyToBxI=
=P63S
-----END PGP SIGNATURE-----

--eQ8QKBgzzGzhafWG--