Date:      Sat, 14 Aug 2004 05:57:44 +0100
From:      David Kreil <kreil@ebi.ac.uk>
To:        Allan Fields <bsd@afields.ca>
Cc:        David Kreil <kreil@ebi.ac.uk>
Subject:   Re: "sanitizing" disks: wiping swap, non-allocated space, and  file-tails
Message-ID:  <200408140457.i7E4vi603240@puffin.ebi.ac.uk>
In-Reply-To: Your message of "Tue, 20 Jul 2004 07:16:37 EDT." <20040720111637.GJ12833@afields.ca> 


Dear Allan,

I finally got my hardware (RAID trouble) back working so I can now get back to 
my original attempt of securing storage.

> > Thanks for pointing this out. The Handbook describes a basic gbde setup
> > but mentions that getting other volumes (like /home) onto a gbde partition
> > was trickier. Can you tell me which volumes you have successfully put onto
> > a gbde partition and what was required to get this working?
> 
> I currently don't use the default script and have tested various
> configurations.  On all systems I've had /home partitioned separate
> to /usr which is a simple case of changing your /etc/fstab to the
> corresponding bde devices and setting the noauto flag, pass# to 0
> so as not to attempt filesystem check before attach:
> 
> ..
> /dev/ar0g               /usr            ufs     rw              2       2
> /dev/ar0h.bde           /home           ufs     rw,noauto       2       0
> ..
> 
> 
> > I wonder, in particular, what issues I have to expect in wanting to keep
> > system relevant directories like /var on a gbde partition.
> 
> The gbde attach should occur early enough during multiuser startup to avoid
> such problems, I don't recall if the provided rc script would be sufficient,
> I'll test a configuration soon, or let me know if you have any luck.

Have you yet had a chance to give it a try?

I noticed that there have been additions to the rc.d script, like 
"gbde_swap_enable". Would you know whether, if I used the rc.d approach, 
that will be early enough that I can have /var encrypted?
Else, how/where should I otherwise link in (as early as possible but after the 
non-US keyboard support has loaded)?

> There are several approaches to securing /etc, but I can elaborate
> more after further testing.  The short term approach is not storing
> private keys, etc. on an unencrypted root.  Support for encrypted
> root is possible w/ some work, but there are a few issues to sort
> out first.

Do I need an encrypted root? What would be the main benefit of this?

I think I'd need an encrypted /var (as it holds logs, mail&printer spool, 
...), and possibly /etc/ssh/ - any other sensitive system areas (besides swap).

Where do you stand now with your setup? I'd be grateful to learn from your 
experience.

With many thanks again for your help,

David.

------------------------------------------------------------------------
Dr David Philip Kreil                 ("`-''-/").___..--''"`-._
Research Fellow                        `6_ 6  )   `-.  (     ).`-.__.`)
University of Cambridge                (_Y_.)'  ._   )  `._ `. ``-..-'
++44 1223 764107, fax 333992         _..`--'_..-_/  /--'_.' ,'
www.inference.phy.cam.ac.uk/dpk20   (il),-''  (li),'  ((!.-'
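
The /etc/fstab rule described in the quoted text above (gbde devices get the noauto flag and pass# 0), as an added example that is not part of the original message or of the FreeBSD rc scripts: a small sh/awk check over fstab-format text. The /var line and its device name are constructed sample input.

```shell
#!/bin/sh
# Added example: check fstab-format text for the gbde rule quoted above.
# Every device ending in .bde must carry "noauto" and an fsck pass# of 0,
# because the device node does not exist until "gbde attach" has run.

# check_bde_fstab [FILE]: print one line per problem; return 1 if any found.
check_bde_fstab() {
    awk '
        /^[ \t]*#/ || NF < 4 { next }   # skip comments, blanks, short lines
        $1 !~ /\.bde$/ { next }         # only gbde-backed devices
        {
            noauto = 0
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] == "noauto") noauto = 1
            if (!noauto) {
                printf "%s (%s): add noauto, device is absent until gbde attach\n", $1, $2
                problems++
            }
            # Field 6 is the fsck pass number; a missing field counts as 0.
            pass = (NF >= 6) ? $6 + 0 : 0
            if (pass != 0) {
                printf "%s (%s): set pass# to 0, boot-time fsck runs before attach\n", $1, $2
                problems++
            }
        }
        END { exit (problems > 0) }
    ' "${1:-/etc/fstab}"
}

# Constructed sample: the first two entries are from the message above,
# the /var entry (device name included) is made up to show a failure.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/ar0g               /usr            ufs     rw              2       2
/dev/ar0h.bde           /home           ufs     rw,noauto       2       0
/dev/ar0e.bde           /var            ufs     rw              2       2
EOF
check_bde_fstab "$sample" || echo "fstab needs changes before rebooting"
rm -f "$sample"
```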
