From owner-freebsd-hackers@FreeBSD.ORG Sat Oct 11 03:30:22 2014 Return-Path: Delivered-To: hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 32F66186 for ; Sat, 11 Oct 2014 03:30:22 +0000 (UTC) Received: from alogt.com (alogt.com [69.36.191.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0BEE7BA7 for ; Sat, 11 Oct 2014 03:30:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=alogt.com; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date; bh=XB3kf0bi8BIPawfjMJjkzPxdjFsAkWTnn/AGhQa9MuI=; b=orx8m30Ij9XtC6ji0tt82p2W+ubAsCIZldwuKzuCHi8GXzM4zauropIvXItg7qMNeJtRPceuBZPviyoGRX4xQKD7gOchDwZHX8phzHfxeygof6UpALI3DOInsfglc2B10FpdOKHH4EpM1XVBiV/M6y5zZsygigganQB/rJBaB40=; Received: from [182.4.89.165] (port=11393 helo=X220.alogt.com) by sl-508-2.slc.westdc.net with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.82) (envelope-from ) id 1XcnNl-0017aH-FS; Fri, 10 Oct 2014 21:30:14 -0600 Date: Sat, 11 Oct 2014 11:30:08 +0800 From: Erich Dollansky To: "Michael W. Lucas" Subject: Re: GBDE not protecting the user Message-ID: <20141011113008.705ba16d@X220.alogt.com> In-Reply-To: <20141010215842.GA6717@mail.michaelwlucas.com> References: <20141010215842.GA6717@mail.michaelwlucas.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - sl-508-2.slc.westdc.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - alogt.com X-Get-Message-Sender-Via: sl-508-2.slc.westdc.net: authenticated_id: erichsfreebsdlist@alogt.com X-Source: X-Source-Args: X-Source-Dir: Cc: hackers@freebsd.org X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Oct 2014 03:30:22 -0000 Hi, On Fri, 10 Oct 2014 17:58:42 -0400 "Michael W. Lucas" wrote: > [Tried questions@, no answer, and the code contains things I just > cannot trigger.] > just try geli. It works for me. What I like most is that you can have key and password on external media. No external media - no decyphering. I also see the destruction possible but I do not use this feature. Erich > Hi, > > Been playing with GBDE a while, trying to make it protect me. > > One of the features of GBDE is that it should "provide tangible > feedback" that the data has been destroyed. (See PHK's paper at > http://phk.freebsd.dk/pubs/bsdcon-03.gbde.paper.pdf, section 4.1.) > > The man page doesn't mention how to make GBDE whine, so what the heck, > let's make it tell me the keys are destroyed. > > Creating GBDE devices is very simple. > > # gbde init /dev/gpt/encrypted -L /etc/encrypted.lock > > I created a filesystem, mounted it, put files on it, unmounted. > > There's two operations to wipe out a GBDE: nuke and destroy. Nuke > looks like the right thing. I nuke all the keys: > > # gbde nuke gpt/encrypted -l /etc/encrypted.lock -n -1 > Enter passphrase: > Opened with key 0 > Nuked key 0 > Nuked key 1 > Nuked key 2 > Nuked key 3 > # gbde attach gpt/encrypted -l /etc/encrypted.lock > Enter passphrase: > # > > The .bde device isn't there, and my filesystem is gone. But I received > no confirmation that the keys were destroyed. > > I also didn't get a message that the device couldn't be attached, > although it clearly isn't. > > Fine. Let's try 'gbde destroy'. > > # gbde init /dev/gpt/encrypted -L /etc/encrypted.lock > Enter new passphrase: > Reenter new passphrase: > # gbde destroy gpt/encrypted -l /etc/encrypted.lock > Enter passphrase: > Opened with key 0 > # gbde attach gpt/encrypted -l /etc/encrypted.lock > Enter passphrase: > # > > The device isn't attached, it just fails silently. And failing with a > specific complaint is the whole point of GBDE. > > Did I misunderstand the GBDE functionality? Am I missing something > daft? Has this code just decayed with GELI's arrival? > > Thanks, > ==ml > >