From: Christian Brueffer
To: Christian Baer
Cc: freebsd-geom@freebsd.org
Date: Mon, 30 Jan 2006 17:46:45 +0100
Subject: Re: A few things about GELI
Message-id: <20060130164645.GA1486@haakonia.hitnet.RWTH-Aachen.DE>

On Mon, Jan 30, 2006 at 04:46:38PM +0100, Christian Baer wrote:
> Good afternoon[1], fellow readers! :-)
>
> Because I wanted something new to play with and because I found the idea
> of encrypting swap and temp space, I decided to give GELI a try. The
> idea of using crypto(9) seems good too, because that way hardware
> support is added at no extra cost - I know, that was part of the reason,
> why GELI was written. :-)
>
> Note:
> This thread is not really related to the one I started on the security
> mailing-list. Because of the existing crypto-hardware GELI won that
> race described there. This here is more of personal interest.
>
> The question is more of an academic nature, but interesting just the
> same: Can it be said that GELI is more secure (by design) than GBDE or
> vice versa? The differences are not only of cosmetic nature or in the
> user interface, but there is a real difference within the concept. Can
> one of these approaches be called more secure than the other[2]?
>

There was a huge thread about this very topic on one of the NetBSD lists
and freebsd-hackers@ between phk and the guy that implemented cgd for
NetBSD (very similar in concept to geli). So, if you're interested in
the gory details, I suggest you look that thread up. To cut it short:
opinions differ greatly.

>
> Are there plans for a geli(4) manpage inspired by gbde(4) manpage?
> It just shows the non-expert wonderfully, how it works and how safe it is
> (in numbers).
>

That would be very useful indeed.

> Now for some *real* questions... :-)
>
> GBDE wants to be attached to a partition like adxs1d. The examples in
> the handbook however suggest that GELI should be attached to the
> hardware-device adx and not to a partition. Why is this so? I am
> guessing that GELI would be just as happy to be attached to ad1s1d as to
> ad1 (wouldn't this be mandatory if there were more than one partition on
> the drive?), but does this have any (dis-) advantages?
>

You can encrypt arbitrary providers with geli (same as with gbde).
E.g. on my notebook I have encrypted ad0s1f with geli and have it attach
at boot with the corresponding rc.conf variables.

> If I were to use encrypted swap space I couldn't use the fstab for these
> anymore. Should I do this with a start-up script and if so, where should
> I put it? 'Where' as in 'where should it be in the boot-order?'
>

To have your partitions encrypted, you just have to add .eli (for geli)
or .bde (for gbde) to your device name in /etc/fstab, e.g.
/dev/ad0s1b.eli on my notebook. The /etc/rc.d/encswap script does the
rest automagically. That means you don't have to worry about the
boot-order.

(The above is true for 7-CURRENT and 6-STABLE, I'm not sure whether
encswap was part of 6.0-RELEASE. For older versions, there were special
gbde options for rc.conf).

> Basically the same thing goes for temp-space. When should it be mounted.
> And more importantly, if I use a new key every time, wouldn't I need a
> newfs during every boot - before I mount /tmp?
>

You could use a tmpmfs (see corresponding rc.conf variables). Adding it
to the geli_devices variable probably just works(tm), but it depends on
the order of the rc scripts.

- Christian

--
Christian Brueffer    chris@unixpages.org    brueffer@FreeBSD.org
GPG Key:         http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
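
Added example, not part of the original message: a small sh check that reads an fstab and reports swap entries whose device name lacks the .eli or .bde suffix described in the reply above. The sample fstab, its device names and the function names are constructed for illustration.

```shell
#!/bin/sh
# Audit an fstab for swap entries that are not backed by a geli (.eli)
# or gbde (.bde) provider. Added example; names below are hypothetical.

# Constructed sample fstab (device names are illustrative only).
sample_fstab() {
cat <<'EOF'
# Device         Mountpoint  FStype  Options  Dump  Pass#
/dev/ad0s1a      /           ufs     rw       1     1
/dev/ad0s1b.eli  none        swap    sw       0     0
/dev/ad1s1b      none        swap    sw       0     0
/dev/ad2s1b.bde  none        swap    sw       0     0
#/dev/ad3s1b     none        swap    sw       0     0
/dev/ad0s1f.eli  /home       ufs     rw       2     2
EOF
}

# Read an fstab on stdin and print each swap device without an
# .eli or .bde suffix, one per line.
plaintext_swap() {
    awk '
        $1 ~ /^#/ { next }    # comment lines, including commented-out entries
        NF < 3    { next }    # blank or malformed lines
        $3 == "swap" && $1 !~ /\.(eli|bde)$/ { print $1 }
    '
}

# Read an fstab on stdin; return 0 if every swap entry is encrypted,
# 1 otherwise (offending devices are listed on stderr).
audit_swap() {
    found=$(plaintext_swap)
    if [ -n "$found" ]; then
        printf 'unencrypted swap: %s\n' $found >&2
        return 1
    fi
    return 0
}

# Demo on the constructed sample; on a real system: audit_swap < /etc/fstab
sample_fstab | audit_swap || echo "sample fstab has plaintext swap"
```

The check only inspects device names in the file; it does not confirm that the provider is actually attached at run time.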