Subject: Re: cgd root [was Re: enabling cgd by default]
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Jason V. Miller <jmiller@securityfocus.com>
List: tech-kern
Date: 08/08/2007 06:50:00
On Wed, Aug 08, 2007 at 02:53:12AM -0400, der Mouse wrote:
> 
> The first is, I'd like a way to have it prompt for the key on the
> console, directly from the kernel.  This would amount to
> pkcs5_pbkdf2/sha1, except with only the salt, or perhaps even nothing
> (see below) provided by cgdconfig; the kernel would prompt for the
> user-input portion.

In this case, I would guess that you'd want to hard-code the salt into the
kernel config file.

> The points which I consider essential here are that the disk contain
> nothing in the clear except for bootblocks, kernel, and disklabel (in
> particular, enough of a cleartext root filesystem to run userland
> programs such as cgdconfig is not acceptable), and that the kernel not
> contain the key (it would be acceptable for it to contain a salt).

Where does the kernel go if the boot disk contains no readable filesystem
before cgd configuration? Are you planning on having a small filesystem
that contains just the kernel, and have the root filesystem mounted
afterwards?

> Thoughts?  Any interest in seeing these in NetBSD's cgd?

I think it's a reasonable enhancement and I'd certainly make use of the
feature if it was available. Actually implementing the feature with the
same simplicity and elegance that cgd has currently might be a bit tricky,
however; I'd be interested to hear more about your earlier implementation.

-- 
Jason V. Miller
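As an added illustration (not code from this thread, nor NetBSD's cgdconfig or kernel), the following shows the key derivation that the `pkcs5_pbkdf2/sha1` keygen method names, split the way the proposal above describes: the salt and iteration count come from parameters supplied ahead of time (here a constructed params dictionary standing in for the cgdconfig params file or a hard-coded kernel config value), while the passphrase is collected at a prompt. The PBKDF2 is written out explicitly so the block-counter and XOR structure is visible, and cross-checked against `hashlib.pbkdf2_hmac`; the parameter names, key length and prompt function are assumptions for the example.

```python
import base64
import getpass
import hashlib
import hmac


def pbkdf2_hmac_sha1(passphrase: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 with HMAC-SHA1 as in PKCS #5 v2.0 (RFC 2898), written out so the
    structure is visible:  T_i = U_1 xor U_2 xor ... xor U_c, where
    U_1 = HMAC(P, S || INT(i)) and U_j = HMAC(P, U_{j-1})."""
    if iterations < 1 or dklen < 1:
        raise ValueError("iterations and dklen must be positive")
    out = b""
    block = 1
    while len(out) < dklen:
        u = hmac.new(passphrase, salt + block.to_bytes(4, "big"), hashlib.sha1).digest()
        t = bytearray(u)
        for _ in range(iterations - 1):
            u = hmac.new(passphrase, u, hashlib.sha1).digest()
            for i in range(len(t)):
                t[i] ^= u[i]
        out += bytes(t)
        block += 1
    return out[:dklen]


# Constructed stand-in for the non-secret parameters cgdconfig would normally
# own: cipher, key length in bits, iteration count, and a base64 salt.  In the
# proposal above this is the only material that lives outside the kernel prompt.
EXAMPLE_PARAMS = {
    "algorithm": "aes-cbc",
    "keylength": 256,
    "keygen": "pkcs5_pbkdf2/sha1",
    "iterations": 4096,
    "salt": base64.b64encode(b"constructed-salt").decode(),
}


def derive_cgd_key(params: dict, passphrase: bytes) -> bytes:
    """Combine the stored parameters with the prompted passphrase to produce
    the raw cipher key (keylength/8 bytes)."""
    if params["keygen"] != "pkcs5_pbkdf2/sha1":
        raise ValueError("unsupported keygen method: %s" % params["keygen"])
    salt = base64.b64decode(params["salt"])
    dklen = params["keylength"] // 8
    key = pbkdf2_hmac_sha1(passphrase, salt, params["iterations"], dklen)
    # Cross-check the hand-written derivation against the standard library.
    assert key == hashlib.pbkdf2_hmac("sha1", passphrase, salt, params["iterations"], dklen)
    return key


def prompt_and_derive(params: dict) -> bytes:
    """Models the proposed kernel-side step: only the passphrase is asked for
    at the console; salt and iteration count are already fixed."""
    passphrase = getpass.getpass("cgd passphrase: ").encode()
    return derive_cgd_key(params, passphrase)


if __name__ == "__main__":
    key = prompt_and_derive(EXAMPLE_PARAMS)
    print("derived %d-bit key, fingerprint %s" % (len(key) * 8, hashlib.sha1(key).hexdigest()[:16]))
```

Because the salt is public, two different salts with the same passphrase produce unrelated keys, which is why the proposal can tolerate a salt in the kernel or config file while keeping the passphrase out of it.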