Subject: Re: cgd root [was Re: enabling cgd by default]
To: None <tech-kern@NetBSD.org>
From: Alan Barrett <apb@cequrux.com>
List: tech-kern
Date: 08/09/2007 08:51:15
On Wed, 08 Aug 2007, der Mouse wrote:
> The first is, I'd like a way to have it prompt for the key on the
> console, directly from the kernel. This would amount to
> pkcs5_pbkdf2/sha1, except with only the salt, or perhaps even nothing
> (see below) provided by cgdconfig; the kernel would prompt for the
> user-input portion.
So there'd be some way for a userland process (cgdconfig) to ask the
kernel to issue a prompt and return the resulting string? I dont' see
that this gives any more security than eltting the userland process do
it all.
Or would you move more of cgdconfig into the kernel, so there's be
some way for the userland part of cgdconfig to ask the kernel part of
cgdconfig "here is a paramsfile; please issue a prompt and perform the
real work of configuring the device"? I would have no objection to
this, and I can see how a prompt on the console in a colour reserved for
kernel messages could give some warm feelings, but it doesn't really
seem to be worth the effort.
> The other is, I'd like a way to put root on cgd. For my 1.4T+ version,
> this was something like
>
> options ED0_ROOT="\"wd0f\""
I would very much like to see an implementation of this idea. While the
existing init.root mechanism seems sufficient to me for the purposes
of having almost everything encrypted, setting it up is cumbersome and
poorly documented; I think it would be nice to have an easy-to-use
mechanism with the equivalent of the cgdconfig paramsfile embedded in
the kernel.
--apb (Alan Barrett)