From owner-freebsd-questions Thu Feb 6 11:13:53 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 876C937B405 for ; Thu, 6 Feb 2003 11:13:51 -0800 (PST) Received: from obsecurity.dyndns.org (adsl-67-115-74-80.dsl.lsan03.pacbell.net [67.115.74.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id DEDB943F85 for ; Thu, 6 Feb 2003 11:13:50 -0800 (PST) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 8ACA367B88; Thu, 6 Feb 2003 11:13:50 -0800 (PST) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 6AE11E5A; Thu, 6 Feb 2003 11:13:50 -0800 (PST) Date: Thu, 6 Feb 2003 11:13:50 -0800 From: Kris Kennaway To: DoubleF Cc: FreeBSD-questions Subject: Re: vnode-based encryption driver Message-ID: <20030206191350.GB17503@rot13.obsecurity.org> References: <20030206180026.5631.qmail@mail.tele-kom.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WIyZ46R2i8wDzkSu" Content-Disposition: inline In-Reply-To: <20030206180026.5631.qmail@mail.tele-kom.ru> User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --WIyZ46R2i8wDzkSu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 06, 2003 at 06:00:26PM -0000, DoubleF wrote: > Hello, >=20 > I'm running 4.4-RELEASE and I'm changing the vn(4) driver to do > transparent data encryption (for now it's a lame XOR algorithm, > but that's not forever; I once made it to run with CAST128 from > the crypto libs, and fell back just to sort out problem No 2 > below). My questions are: >=20 > 1) Am I reinventing the wheel? Don't tell me about cfs, though. > I know that something concerning cryptography is going to get > into 4.8-R kernel from OpenBSD, but what will it look like? Yes..several people have already done exactly this (see e.g. the vncrypt port), and 5.0 has a generalized disk device encryption system (GBDE). Kris --WIyZ46R2i8wDzkSu Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+QrPtWry0BWjoQKURAgnQAJ9BUnAGBbrw6FAgNzoHKCIW4li8XwCcDo0W D/+LKzRtU6/bB9S2cqyDrSE= =ag17 -----END PGP SIGNATURE----- --WIyZ46R2i8wDzkSu-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message