Current-Users archive


Re: Full Disk Encryption with cgd (well, almost)



On Thu 21 Mar 2013 at 03:01:55 +0100, Pierre Pronchery wrote:
> The approach I am taking is as follows:
> - /dev/wd0a is a small bootable partition with:
>   * boot,
>   * boot.cfg,
>   * a GENERIC kernel,
>   * a ramdisk with a kernel module,
>   * cgd.conf and the relevant encryption key
>     (cgd0 /dev/wd0e)
> - /dev/wd0e is the cgd partition
> - the ramdisk (ramdisk-cgdroot.fs) was generated with the patch
>   attached, a lot like for sysinst but with cgdconfig instead
> - the kernel module is generated from this ramdisk
> - boot.cgd boots the GENERIC kernel with the ramdisk enabled
>   (menu=Boot:load /cgdroot.kmod;boot /netbsd.gz)
> - a minimal /etc/rc within the ramdisk
>   * mounts wd0a on /etc/cgd,
>   * asks for the passphrase (with "cgdconfig -C"),
>   * mounts the encrypted volume read-only (on "/altroot"),
>   * and tells init (via "sysctl -w init.root=/altroot") to chroot
>     before going on

Is there any particular reason why cgdconfig and /etc/rc are in a
ramdisk, rather than in the unencrypted /dev/wd0a? A ramdisk makes it so
much more complicated to update stuff, but it offers no security anyway
since it is unencrypted itself.

-Olaf.
-- 
___ Olaf 'Rhialto' Seibert  -- The Doctor: No, 'eureka' is Greek for
\X/ rhialto/at/xs4all.nl    -- 'this bath is too hot.'


