From owner-freebsd-geom@FreeBSD.ORG  Tue Aug 17 21:27:37 2004
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5B53C16A4CE
	for <freebsd-geom@freebsd.org>; Tue, 17 Aug 2004 21:27:37 +0000 (GMT)
Received: from frontend1.messagingengine.com (frontend1.messagingengine.com
	[66.111.4.30])	by mx1.FreeBSD.org (Postfix) with ESMTP id D8ACA43D2F
	for <freebsd-geom@freebsd.org>; Tue, 17 Aug 2004 21:27:36 +0000 (GMT)
	(envelope-from list-freebsd-2004@morbius.sent.com)
X-Sasl-enc: Z+/Q/6n4vtJDkugaYibcJw 1092778053
Received: from modem-547.snake.dialup.pol.co.uk
	(modem-547.snake.dialup.pol.co.uk [62.137.114.35])
	by frontend1.messagingengine.com (Postfix) with ESMTP id 17969C1472D
	for <freebsd-geom@freebsd.org>; Tue, 17 Aug 2004 17:27:32 -0400 (EDT)
From: "R. W." <list-freebsd-2004@morbius.sent.com>
To: freebsd-geom@freebsd.org
Date: Tue, 17 Aug 2004 22:27:32 +0100
User-Agent: KMail/1.6.2
References: <200408162112.47356.list-freebsd-2004@morbius.sent.com>
	<xzpzn4tsy88.fsf@dwp.des.no>
In-Reply-To: <xzpzn4tsy88.fsf@dwp.des.no>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-Id: <200408172227.33570.list-freebsd-2004@morbius.sent.com>
Subject: Re: Encrypted CD/DVDs via gbde or otherwise
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Aug 2004 21:27:37 -0000

On Tuesday 17 August 2004 14:14, Dag-Erling Sm=F8rgrav wrote:
> "R. W." <list-freebsd-2004@morbius.sent.com> writes:
> > I have some data in an encrypted gbde partition. I'd like to be
> > able to move some of it out to CD-R or DVD in an encrypted,
> > mountable form (as opposed to simply encrypting a tar file and
> > burning that).
> >
> > Most other encryption schemes support this through container files.
> > You create a 650MB container, mount/attach it, copy the data,
> > unmount/detach the container, and burn it to CD as a single file on
> > a data disk.
> >
> > AFAIK gbde doesn't support container files. Is it on the roadmap?
> > Or is there any alternative.
>
> (untested)
>
> # dd if=3D/dev/zero of=3Dcontainer bs=3D1048576 count=3D650
> # mdconfig -a -t vnode -f container
> # gbde init /dev/md0
> # gbde attach /dev/md0
> # newfs /dev/md0.bde
> # mount /dev/md0.bde /mnt
> # <copy files to /mnt>
> # umount /mnt
> # gbde detach /dev/md0
> # mdconfig -d -u 0
> # burncd data container fixate
>
> you should then be able to 'gbde attach /dev/acd0' and mount
> /dev/acd0.bde wherever you like.

Nice Idea, but it didn't quite work, there was no /dev/acd0.bde after=20
attaching /dev/acd0.

However, what did work was converting the container to an iso image=20
before burning, then using=20

# mount  /cdrom
# mdconfig -a -t vnode -f  /cdrom/containe
# gbde init /dev/md0
# gbde attach /dev/md0=20
# mount /dev/md0.bde /mnt=20

to access the encrypted data.


Thanks for your help.