From owner-freebsd-fs  Thu Sep 14  7:34:50 2000
Delivered-To: freebsd-fs@freebsd.org
Received: from h-209-91-79-2.gen.cadvision.com (h-209-91-79-2.gen.cadvision.com [209.91.79.2])
	by hub.freebsd.org (Postfix) with ESMTP id 41AAC37B422
	for <freebsd-fs@FreeBSD.ORG>; Thu, 14 Sep 2000 07:34:48 -0700 (PDT)
Received: from cirp.org (localhost [127.0.0.1])
	by h-209-91-79-2.gen.cadvision.com (8.9.3/8.9.3) with ESMTP id IAA03818
	for <freebsd-fs@FreeBSD.ORG>; Thu, 14 Sep 2000 08:34:40 -0600 (MDT)
	(envelope-from gtf@cirp.org)
Message-Id: <200009141434.IAA03818@h-209-91-79-2.gen.cadvision.com>
Date: Thu, 14 Sep 2000 08:34:39 -0600 (MDT)
From: "Geoffrey T. Falk" <gtf@cirp.org>
Subject: Re: AW: crypto fs?
To: freebsd-fs@FreeBSD.ORG
In-Reply-To: <200009141401.IAA03781@h-209-91-79-2.gen.cadvision.com>
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Sender: owner-freebsd-fs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On 14 Sep, I wrote:
> A proper crypto filesystem would encrypt the blocks in the strategy()
> routine. One could run a standard FFS directly on top of it.

To clarify, obviously, I was thinking of implementing an encrypted
device as a pseudo- block device, that maps to an existing partition.
The passphrase could be set using an ioctl().

A main concern with crypto FS is keeping plaintext blocks from being
swapped out. If you are following this approach, you would also encrypt
your swap devices.

The whole issue of crypto services in the kernel is one I would like to
see developing. To my knowledge not even OpenBSD has gone this far.

g.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-fs" in the body of the message