Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 27 Jul 2003 22:32:48 +0200
From:      "Poul-Henning Kamp" <phk@phk.freebsd.dk>
To:        John Stockdale <jstockdale@stanford.edu>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Feasibility/Practicality of using GBDE to facilitate encrypted swap, md, /tmp, filesystems 
Message-ID:  <66005.1059337968@critter.freebsd.dk>
In-Reply-To: Your message of "Sun, 27 Jul 2003 17:56:23 %2B1200." <0D8BEE11-BFF7-11D7-B8B6-000393A6EB58@stanford.edu> 

next in thread | previous in thread | raw e-mail | index | archive | help
In message <0D8BEE11-BFF7-11D7-B8B6-000393A6EB58@stanford.edu>, John Stockdale 
writes:
>Hopefully PHK has a chance to look this one over, but if anyone else 
>has any thoughts I'll take any opinions I can get. ;)

I have a number of operations I plan to add to the gbde tool, but
some of them has be a bit worried about their foot-shooting potential
so I'm still thinking about them, and rather than go over the program
twice, I'm holding on to the easy ones until I'm ready to do them
all.

The one operation which is a no-brainer so to speak is the "one
time attach" where the gbde device is init'ed and attached but the
master key and lock sector is never written to the device.  This
is the mode you want to use for paging devices.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?66005.1059337968>