Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)

To: Cem Kayali <cemkayali%eticaret.com.tr@localhost>
Subject: Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
From: David Brownlee <abs%NetBSD.org@localhost>
Date: Mon, 23 Mar 2009 17:19:07 +0000 (GMT)

On Mon, 23 Mar 2009, Cem Kayali wrote:

Hi,

FreeBSD allows encryption of root partition and may be good start.

http://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf
I have tried that approach about a year ago and successfully performedinstallation. Also discussed with author, Marc Schiesser, because tutorialshould be updated according to FreeBSD 7.x and 8.x versions. I have thesenotes in my archive.
Basic idea is that:
1- Run fixit disc of FreeBSD which is a live-cd with various FreeBSD (own)utilities. Dont forget to load geom_eli module.
2- Partition the hard drive, and then, create geli slices (partitions).
3- Run sysinstall and address the geli partitions as install target.Everything is isntalled into geli partition.
4- Once finished the work, copy kernel, kernel modules to ie; a usb ram. Inother words, prepare boot-only usb disk
5- Once everything is complete, boot from usb. It asks passphrase of gelislice and mounts geli root as root
6- Remove usb ram.


        The main thing missing from NetBSD to enable the same thing would
        be to have cgd autoconfigure similar to how raidframe can.

        Actually thas a nice piece of cgd functionality aside from
        anything else we've discussed :)


--
                David/absolute       -- www.NetBSD.org: No hype required --

Follow-Ups:
- Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
  - From: Cem Kayali

References:
- summer of code - scrub feature
  - From: Stathis Kamperis
- Re: summer of code - scrub feature
  - From: Thor Lancelot Simon
- Re: summer of code - scrub feature
  - From: Alistair Crooks
- Re: summer of code - scrub feature
  - From: Thor Lancelot Simon
- Re: summer of code - scrub feature
  - From: Christos Zoulas
- Re: summer of code - scrub feature
  - From: David Brownlee
- Re: summer of code - scrub feature
  - From: Todd Vierling
- Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
  - From: David Brownlee
- Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
  - From: Todd Vierling
- Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
  - From: David Brownlee
- Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
  - From: Cem Kayali

Prev by Date: Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
Next by Date: Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
Previous by Thread: Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
Next by Thread: Re: cgd (encrypted disk) support in bootblocks (Was: summer of code - scrub feature)
Indexes:

Home | Main Index | Thread Index | Old Index