Date: Tue, 02 Aug 2005 10:30:22 +0800 From: "Ronnel P. Maglasang" <rmaglasang@infoweapons.com> To: Alexander Leidinger <Alexander@Leidinger.net> Cc: freebsd-hackers <freebsd-hackers@freebsd.org>, Pawel Jakub Dawidek <pjd@freebsd.org>, freebsd-geom <freebsd-geom@freebsd.org> Subject: Re: booting gbde-encrypted filesystem Message-ID: <42EEDABE.7080402@infoweapons.com> In-Reply-To: <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net> References: <42E9BC12.2050401@infoweapons.com> <20050729065357.GA617@darkness.comp.waw.pl> <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
What I had in mind is perhaps I could find a way to enter the passphrase at the loader prompt, or configure the loader to get the passphrase from an external device or hardcoded the passphrase in the bootloader(really insecure). Alexander Leidinger wrote: > Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > >> This is not not possible with current GBDE. >> I've patches which allows this here: >> >> http://people.freebsd.org/~pjd/patches/gbde.patch > > > I fail to see how this allows an encryted root-FS, it doesn't add gbde > support to boot0(ext) or to the loader. It needs access to an unencrypted > kernel. I don't think this is what Ronnel had in mind (overlooking the > fact > that his suggestion to save the passphrase in the loader is insecure). > > Bye, > Alexander. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42EEDABE.7080402>