From owner-freebsd-questions@FreeBSD.ORG Tue Oct 23 01:41:45 2007
From: "Steve Bertrand"
To: "Pawel Jakub Dawidek"
Cc: freebsd-questions@freebsd.org
Date: Mon, 22 Oct 2007 21:41:22 -0400 (EDT)
Subject: Re: Booting a GELI encrypted hard disk
Message-ID: <1799.208.70.104.211.1193103682.squirrel@webmail.ibctech.ca>
In-Reply-To: <20071022174629.GA1118@garage.freebsd.pl>
References: <470CCDE2.9090603@ibctech.ca> <20071010175349.GB9770@slackbox.xs4all.nl> <20071022174629.GA1118@garage.freebsd.pl>

>>> I am voraciously attempting to get a FreeBSD system to boot from
>>> a GELI encrypted hard disk, but am having problems.
>>
>> You don't need to encrypt the whole hard disk. You can encrypt
>> separate slices. There is no need to encrypt stuff like / or /usr;
>> what is there that needs to be kept secret?
>
> Maybe not encryption, but integrity protection is very important for
> laptops. GELI has supported integrity protection for a while now. If you
> don't protect the integrity of your entire laptop disk, it is trivial to
> trojan userland utilities and/or the kernel and steal your password. If
> someone needs your data, he can dump the encrypted partition, trojan your
> system and once you connect to the internet and attach your
> encrypted partition, the trojan will send the password to the
> attacker. Many people often leave their laptops in hotel rooms, for
> example.

I don't quite grasp at what level you are using the term 'integrity' here.

My knowledge of encryption at the storage level is limited at best... I'm
just finding out all the finer points (temp directories, swap etc).
However, I'll throw out what I wanted, what I have and then a question:

Want:

- a FreeBSD system that runs from a fully encrypted disk with a passphrase
  and an encryption key on a removable thumb disk that can be removed so
  that, upon reboot, the system cannot be started

Have:

- a FreeBSD system that runs from a fully encrypted disk with NO passphrase
  (due to known, seemingly unsolved keyboard interaction problems) that
  boots from a thumb drive that has an encryption key so that, when
  rebooted, it does not boot (the thumb drive can be removed once the boot
  procedure is complete)

Question:

- if the disk (PC) is stolen, having the entire disk encrypted so no one
  can even tell what OS is on it, does it make it secure to the point that
  no one will know what to look for anyway (eg: what is in /usr)? If
  someone does not know the OS, then it makes it more difficult to know
  what string or text attacks to perform, right?

(I'm not trying to start a security via obscurity/bikeshed war, I
seriously wouldn't mind opinions).

I think it's fantastic. I'm not a disk forensic specialist, but it's good
enough for what I want.

Again...thanks to everyone who worked on the GEOM infrastructure.
Performance is adequate in my benches so far for what I need, so long as
one has adequate memory so as not to have to run a disk-based swap space.

Steve
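Added example, not from this thread or from the GELI code: a small Python model of the "integrity protection" point Pawel raises. Encryption alone (like "geli init" without -a) lets an offline edit to the raw disk pass through silently on the next read, while a per-sector HMAC (the role "-a hmac/sha256" plays) makes that read fail instead. The SHA-256 counter-mode keystream, the key derivation, the sector layout and the sample sector contents are all constructed stand-ins, not AES or real GELI metadata.

```python
import hashlib
import hmac

SECTOR = 512  # bytes of data per sector in this model

def keystream(key: bytes, sector_no: int, n: int) -> bytes:
    # Counter-mode keystream from SHA-256: a stand-in for GELI's AES, not its real cipher.
    out, block = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + sector_no.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:n]

def sector_tag(key: bytes, sector_no: int, ct: bytes) -> bytes:
    # Per-sector HMAC over (sector number, ciphertext): the job GELI's '-a hmac/sha256' tag does.
    return hmac.new(key, sector_no.to_bytes(8, "big") + ct, hashlib.sha256).digest()

class ToySectorStore:
    def __init__(self, master_key: bytes, authenticate: bool):
        self.ekey = hashlib.sha256(b"enc" + master_key).digest()  # toy key separation
        self.akey = hashlib.sha256(b"auth" + master_key).digest()
        self.authenticate = authenticate  # False: 'geli init' without -a; True: with -a hmac/sha256
        self.disk = {}  # sector_no -> ciphertext (+ tag): what someone holding the raw disk sees

    def write(self, sector_no: int, data: bytes) -> None:
        ct = bytes(d ^ k for d, k in zip(data, keystream(self.ekey, sector_no, SECTOR)))
        self.disk[sector_no] = ct + (sector_tag(self.akey, sector_no, ct) if self.authenticate else b"")
    def read(self, sector_no: int) -> bytes:
        raw = self.disk[sector_no]
        ct, tag = raw[:SECTOR], raw[SECTOR:]
        if self.authenticate and not hmac.compare_digest(tag, sector_tag(self.akey, sector_no, ct)):
            raise IOError("sector %d failed integrity check" % sector_no)  # GELI reports EIO here
        return bytes(c ^ k for c, k in zip(ct, keystream(self.ekey, sector_no, SECTOR)))

def offline_edit(store: ToySectorStore, sector_no: int, offset: int) -> None:
    # Models an edit to the raw ciphertext while the disk is powered off; no key is involved.
    raw = bytearray(store.disk[sector_no])
    raw[offset] ^= 0x01
    store.disk[sector_no] = bytes(raw)

def outcome(authenticate: bool, tamper: bool = True) -> str:
    # Write a sector, optionally edit it offline, read it back: 'unchanged', 'silently_modified' or 'detected'.
    store = ToySectorStore(b"constructed-master-key", authenticate)
    original = b"#!/bin/sh\nexec /usr/bin/true\n".ljust(SECTOR, b"\0")  # constructed sample sector
    store.write(7, original)
    if tamper: offline_edit(store, 7, 0)
    try:
        return "unchanged" if store.read(7) == original else "silently_modified"
    except IOError:
        return "detected"
```

Real GELI uses a block cipher, so an offline edit scrambles more than the one matching plaintext bit shown here, but without -a the read still succeeds and the modified data is used; with -a the read returns an error instead.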