tech-security archive


Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)



On Mon, Mar 23, 2009 at 9:12 AM, David Brownlee <abs%netbsd.org@localhost> wrote:
>        Converting a running system to an encrypted filesystem without
>        requiring a dump/restore is a very nice additional feature, but
>        I think NetBSD would really benefit from 'just' the cgd support
>        in the bootblocks and passing the relevant data across to the
>        kernel so it can get a cgd encrypted root filesystem...

Works for workstations, if the bootblocks have passphrase entry (and
better yet, cgd decrypt support to load the kernel itself from an
encrypted root); that would work much like other full-disk encryption
systems.

Without something like TPM, doesn't solve the unattended server
problem, though perhaps that does require a more complex solution
(such as a ramdisk or small root partition, over which / is remounted)
to allow the key to be stored in a more flexible manner.

Collectively this sounds more like two projects to me, though the
latter could suffice for both cases, for a first stab at it.  The
latter is also less low-level code and more scripting work (and
perhaps crunchgen for space), which may make multiplatform support
less painful.  Mentors' mileage may vary.

-- 
-- Todd Vierling <tv%duh.org@localhost> <tv%pobox.com@localhost> <todd%vierling.name@localhost>

