Date: Fri, 8 Nov 2013 18:03:01 -0500 From: =?iso-8859-1?B?QnJ1bm8gTGF1euk=?= <brunolauze@msn.com> To: "freebsd-geom@freebsd.org" <freebsd-geom@freebsd.org> Subject: GELI Passphrase Providers Message-ID: <BLU179-W5B844903E3EE0ABA8CC92C6F20@phx.gbl>
next in thread | raw e-mail | index | archive | help
Right now=2C there's only "cngets" used to provide passphrase for GELI disk= encryption.=0A= In the future=2C considering embedded solutiona=2C and cloud data centers= =2C co-location=2C etc..=2C=0A= would different geli passphrase providers be planned?=0A= =0A= =0A= One thing that I dream of (for embedded projects):=0A= =0A= =0A= While prompting the passphrase on the console=2C have some settings in load= er.conf to=A0=0A= provide an iface=2C ip=2C netmask gateway to mount and implement a Single P= acket Authorization mechanism with IPSec.=0A= =0A= The impossibility to be on-site to enter passphrase prevent disk encryption= for multiple scenarios=2C and in my humble opinion=2C those are the same s= cenarios where encryption is mandatory like embedded Device in the wild=2C = co-location=2C Off-site servers... even bhyve...=0A= =0A= Of course=2C I know IPMI or KVM solutions are possible=2C just wandering if= we oversee any solutions without those required.=0A= =0A= Any opinions? =
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BLU179-W5B844903E3EE0ABA8CC92C6F20>