Date: Tue, 20 Oct 2015 10:21:32 +0100 (BST) From: Anton Shterenlikht <mexas@bris.ac.uk> To: mexas@bris.ac.uk, phk@phk.freebsd.dk Cc: freebsd-current@freebsd.org, rwmaillists@googlemail.com, yaneurabeya@gmail.com Subject: Re: Depreciate and remove gbde Message-ID: <201510200921.t9K9LWrD005535@mech-as222.men.bris.ac.uk> In-Reply-To: <96318.1445331396@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
>From phk@phk.freebsd.dk Tue Oct 20 10:08:55 2015 > >>Am I correct that the papers are from 2003 and 2004 >>respectively. Has much changed in gbde since then? > >Nope. One thing that puzzled me about the way gbde is integrated with the FreeBSD boot sequence is that it's not possible to boot without entering the correct gbde pass phrase. I assumed that if the correct pass phrase is not entered the specified number of times, three by default, the boot should proceed without attaching the encrypted partition. But at present, if the correct pass phrase is not entered, the system goes into a single user mode, but exiting from it to a multi-user mode again gets one to gbde pass phrase prompt. So it's not possible to boot at all without attaching the gbde encrypted partition. Perhaps this can be configured via some rc* options? The reason is that even a laptop can have multiple users, not all of whom need/should mount any or all encrypted partitions. And a wish - please describe "nuke" and "destroy" options more explicitly. The man page is extremely terse on this. Given the seriosness of the consequences - loss of all data on encrypted partition(?) - would be great to know exactly what would happen. The man page says both options will invalidate the masterkey. Does this mean that encrypted data cannot be recovered? This is my guess, based on reading your 2 papers. Many thanks for gbde. Anton
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201510200921.t9K9LWrD005535>