Date: Tue, 27 Sep 2016 14:13:57 +0000 From: zhaghzhagh@openmailbox.org To: freebsd-geom@freebsd.org Subject: GELI on remotely hosted FreeBSD VM Message-ID: <c1fb16ed32ccb40a0bb86d1af322d6eb@openmailbox.org>
next in thread | raw e-mail | index | archive | help
Hello Wonder if there is any security implication with GELI based full disk encryption and FreeBSD running on Xen based VM? Here are some of my doubts: 1. Could the GELI passphrase revealed by having access to the VM's memory snapshot? (At boot time when passphrase is prompted - probably yes / during normal operation...) 2. Would it be possible to resume the VM from a snapshot and anyhow force it to do a full disk read? (With / without knowing root / any other user's credentials.) ... In general, would like to have a clearer picture about the effectiveness of full disk encryption in case of VM hosted at an 'unknown' physical location. Thanks!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c1fb16ed32ccb40a0bb86d1af322d6eb>