From owner-freebsd-hackers@FreeBSD.ORG Sat Oct 11 15:17:01 2014 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 793C7BC2 for ; Sat, 11 Oct 2014 15:17:01 +0000 (UTC) Received: from mx1.scaleengine.net (beauharnois2.bhs1.scaleengine.net [142.4.218.15]) by mx1.freebsd.org (Postfix) with ESMTP id 51FAF25F for ; Sat, 11 Oct 2014 15:17:00 +0000 (UTC) Received: from [192.168.1.2] (Seawolf.HML3.ScaleEngine.net [209.51.186.28]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id 65E185E36E for ; Sat, 11 Oct 2014 15:16:54 +0000 (UTC) Message-ID: <54394A03.6060403@freebsd.org> Date: Sat, 11 Oct 2014 11:17:23 -0400 From: Allan Jude User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2 MIME-Version: 1.0 To: freebsd-hackers@freebsd.org Subject: Re: GBDE not protecting the user References: <20141010215842.GA6717@mail.michaelwlucas.com> <20141011113008.705ba16d@X220.alogt.com> <20141011074412.GA9432@mail.michaelwlucas.com> In-Reply-To: <20141011074412.GA9432@mail.michaelwlucas.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HjGBfvfG9MVre72rALS9kjXxxwCw8wnHw" X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Oct 2014 15:17:01 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --HjGBfvfG9MVre72rALS9kjXxxwCw8wnHw Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2014-10-11 03:44, Michael W. Lucas wrote: > On Sat, Oct 11, 2014 at 11:30:08AM +0800, Erich Dollansky wrote: >> Hi, >> >> On Fri, 10 Oct 2014 17:58:42 -0400 >> "Michael W. Lucas" wrote: >> >>> [Tried questions@, no answer, and the code contains things I just >>> cannot trigger.] >>> >> just try geli. It works for me. What I like most is that you can have >> key and password on external media. No external media - no decyphering= =2E >=20 > GELI does not verify key destruction when the correct passphrase is > used. There are use cases where this is very important--e.g., finance. >=20 > I'd really like to include GBDE in my FreeBSD storage book, but it > seems that it doesn't actually work. >=20 > =3D=3Dml >=20 Michael: please file a PR on this now that it is confirmed, and together we can nag someone to fix it. --=20 Allan Jude --HjGBfvfG9MVre72rALS9kjXxxwCw8wnHw Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJUOUoGAAoJEJrBFpNRJZKfZm4P/iVvceVS1HWmIFyHUFo1kuLp CEo8Z7UpUFWnH89RuVaYlaNTjwDzMMzbmob8di+cFgbdV1HvhuHb8UAvCxvg1jkt cggDDrL9PbNW3poPa33IJZcJ/wOBTBuOg2NdfIkxz2BS6SrMuUlWuAIKxk8TSuoP MHrpKGa6xLb4o410N1ZRfCoNMY31FuAyUlWx/OYQLnVYMfLIUQ7RuzVsk4cCxirr KPFbGXC8l7pGgzr4K5h6MAXq3PurQp1Qlie0VjOkwjS85JXlaMBkzRZFTBGuG05J 2toY8N+F926j8Hnlr8a2H6ThjlqlGMrg/SDyoJebEiHF0p/KWDVhlmFl4jExes9f B6Upw6Rc8qCxAH7CvssvwJyb3JQokFH7+e/Ai+HwLTRmkFvTd590JEtdYX9xS5dJ 0uyOMTLvi0IPudOEfWRmJ2qDe6oXYEsyIInoyy4fhFCUV2npLjEs9ril8v+8UyVK Aj8XB8YZfHKK2Zy2psELi2Y2Ho7leTZUUgpEtMR7lUkdyqqWwlhfkv4Ob5njgkG0 Pne8fadVbfx6YSD8rmvVfgEhqubzWbH5I4nxHGTVf5SJ/MnGjkM+5hy3BtTVHW2+ REZRBkGP/rUOpdu1VEVvYea2oR90sXfG64MIlvaso129bQShxu79/wh07sZnol9x ZX2c7joJWNziMxUzutJ8 =nfcO -----END PGP SIGNATURE----- --HjGBfvfG9MVre72rALS9kjXxxwCw8wnHw--