From owner-freebsd-geom@FreeBSD.ORG  Tue Feb 28 12:03:13 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 97A0916A420
	for <freebsd-geom@freebsd.org>; Tue, 28 Feb 2006 12:03:13 +0000 (GMT)
	(envelope-from marius.nuennerich@gmx.net)
Received: from mail.gmx.net (mail.gmx.net [213.165.64.20])
	by mx1.FreeBSD.org (Postfix) with SMTP id 5CBDD43D5D
	for <freebsd-geom@freebsd.org>; Tue, 28 Feb 2006 12:03:10 +0000 (GMT)
	(envelope-from marius.nuennerich@gmx.net)
Received: (qmail invoked by alias); 28 Feb 2006 12:03:08 -0000
Received: from p50839B96.dip0.t-ipconnect.de (EHLO sol) [80.131.155.150]
	by mail.gmx.net (mp005) with SMTP; 28 Feb 2006 13:03:08 +0100
X-Authenticated: #5707313
Date: Tue, 28 Feb 2006 13:03:00 +0100
From: Marius Nuennerich <marius.nuennerich@gmx.net>
To: "Jack T" <jackt123@gmail.com>
Message-ID: <20060228130300.59f9125d@sol>
In-Reply-To: <a1ef274e0602280345w749e39c1l1e2f7c1839832597@mail.gmail.com>
References: <a1ef274e0602261836m7f3eee16qf5f0bb9aead9dda@mail.gmail.com>
	<20060228024303.6f164e6a@sol>
	<a1ef274e0602280345w749e39c1l1e2f7c1839832597@mail.gmail.com>
X-Mailer: Sylpheed-Claws 2.0.0 (GTK+ 2.8.12; i386-portbld-freebsd5.4)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Cc: freebsd-geom@freebsd.org
Subject: Re: GELI compatibility with GBDE
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Feb 2006 12:03:13 -0000

On Tue, 28 Feb 2006 11:45:21 +0000
"Jack T" <jackt123@gmail.com> wrote:

> On Mon, 27 Feb 2006 Jack T wrote:
> > Hi all. Sorry if this is a FAQ (I googled but
> > am still unsure of the answer, and in any case
> > there's too much to risk if I got it wrong)
> > My question is: can GELI access
> > a partition that was encrypted by GBDE?
> 
> On 2/28/06, Marius Nuennerich wrote:
> > I don't think so, why should it?
> 
> Hi! I was looking at feature comparison charts.
> GBDE uses AES, GELI can uses AES, Blowfish, and 3DES.
> GBDE uses fixed key length, GELI can be variable.

Could you post a link to that chart?

> 
> Since they both can do sector-by-sector
> encryption, and GELI can be configured to use
> the same scheme and key length as GBDE,
> I just thought maybe it would be great if
> they're compatible.
> 
> (I have a lot of data encrypted using GBDE,
> and it would be a lot of work to
> re-encrypt them with GELI to get the ability
> to enter keyphrase in kernel space
> rather than userspace, so that I can encrypt
> the root filesystem which GBDE can't do)

Thanks for the explanation. I still don't think it is a good idea,
even if you would give it a try and it would work, developers are
not supporting this kinda thing, so it could break in the future.

regards
Marius