From: Mel
To: Fabian Keil, freebsd-questions@freebsd.org
Date: Wed, 10 Oct 2007 23:37:55 +0200
Subject: Re: Booting a GELI encrypted hard disk

On Wednesday 10 October 2007 23:17:01 Roland Smith wrote:
> On Wed, Oct 10, 2007 at 08:18:38PM +0200, Fabian Keil wrote:
> > Roland Smith wrote:
> > > On Wed, Oct 10, 2007 at 09:04:34AM -0400, Steve Bertrand wrote:
> > > > I am voraciously attempting to get a FreeBSD system to boot from a
> > > > GELI encrypted hard disk, but am having problems.
> > >
> > > You don't need to encrypt the whole harddisk. You can encrypt separate
> > > slices. There is no need to encrypt stuff like / or /usr; what is there
> > > that needs to be kept secret?
> >
> > Encryption isn't only useful for private data,
> > it also reduces the risk of third parties replacing
> > your binaries with Trojans while you're away.
>
> If that someone can replace binaries on a running system, your box has
> been h4x0red and you're screwed anyway. Doubly so if your encrypted
> filesystem was mounted at the time. :-)

I think the case he's describing is that one can remove the harddisk, mount
it as a secondary drive, replace system binaries with keylogging-enabled
binaries and then put it back. You won't notice this till you read the daily
security report in a default system.

> It's easy enough to make a list of SHA256 checksums of all binaries and
> store that on the encrypted partition, so you can check the binaries any
> time you want. Like sysutils/tripwire.

Even if the system doesn't let you boot if system binaries have changed, the
damage is probably done already because the geli passphrase binary logged
your passphrase. It's questionable though, whether you should leave your
computer in an environment where this can happen undetected and probably
better solved by increasing real life security.

-- 
Mel