Date: Sun, 30 Dec 2012 12:55:25 +0000 From: RW <rwmaillists@googlemail.com> To: freebsd-questions@freebsd.org Subject: Re: Full disk encryption without root partition Message-ID: <20121230125525.06cceb65@gumby.homeunix.com> In-Reply-To: <50E00ABB.9080200@gmail.com> References: <CAHUOma=wCDQPUy%2B6yVHnMDzd8j75pJ1xn7KBqknqnod99Abgtw@mail.gmail.com> <CAHUOmant1m446mVY85R7EpBd2Pw14gdL03fpmVPMKsrr_epfPw@mail.gmail.com> <50DF6401.50001@martinlaabs.de> <20121229235319.2ee5cb85.freebsd@edvax.de> <50E00ABB.9080200@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 30 Dec 2012 10:34:51 +0100 David Demelier wrote: > I think a good idea would be to store the key directly in the > bootloader, but that needs a large enough partition scheme that can > store the bootloader (boot0 or boot1) plus the encryption key. > However this needs to add support for that in both boot files and > will be bigger. I'm not sure what you are trying to say, but the master key is already in the metadata and putting user keys on the disk would render the encryption pointless.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121230125525.06cceb65>