From owner-freebsd-geom@FreeBSD.ORG Wed Apr 11 09:36:37 2012 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A8C341065672 for ; Wed, 11 Apr 2012 09:36:37 +0000 (UTC) (envelope-from pawel@dawidek.net) Received: from mail.dawidek.net (60.wheelsystems.com [83.12.187.60]) by mx1.freebsd.org (Postfix) with ESMTP id 5A52B8FC08 for ; Wed, 11 Apr 2012 09:36:37 +0000 (UTC) Received: from localhost (58.wheelsystems.com [83.12.187.58]) by mail.dawidek.net (Postfix) with ESMTPSA id 8154F9B4; Wed, 11 Apr 2012 11:36:29 +0200 (CEST) Date: Wed, 11 Apr 2012 11:34:59 +0200 From: Pawel Jakub Dawidek To: Fa bio Message-ID: <20120411093458.GC1319@garage.freebsd.pl> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8X7/QrJGcKSMr1RN" Content-Disposition: inline In-Reply-To: X-OS: FreeBSD 10.0-CURRENT amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-geom@freebsd.org Subject: Re: Automatic Geli? X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Apr 2012 09:36:37 -0000 --8X7/QrJGcKSMr1RN Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Apr 09, 2012 at 06:34:10PM +0000, Fa bio wrote: > Is it possible to recompile geli/kernel to automatically enter with passw= ord and/or key? I=B4ll explain with an example: >=20 > If you see a cache system called SpeedR (http://www.speedr.com.br/?locale= =3Den), in their site you can download the ISO and burn it to a CD (http://= www.speedr.com.br/rc/speedr-0...rc18.2-x64.iso) >=20 > It=B4s very interesting, because all partitions are encrypted with Geli,= =20 > but there is no passphrase to enter at boot time or key directions in loa= der.conf file. If they distribute encrypted image that actually works, it means they distribute the key along with the image. As was already noted this serves no purpose, as you can extract the key from the image and decrypt the whole thing on your own. --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --8X7/QrJGcKSMr1RN Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (FreeBSD) iEYEARECAAYFAk+FUEIACgkQForvXbEpPzSbsgCguqs5FkCakPLv+995tJLIcghn iCIAn3r1oLb2yLayKUvPZ4TANcQHUFUp =X3Lp -----END PGP SIGNATURE----- --8X7/QrJGcKSMr1RN--