From owner-freebsd-geom@FreeBSD.ORG Mon Jan 30 16:00:52 2006 Return-Path: X-Original-To: freebsd-geom@freebsd.org Delivered-To: freebsd-geom@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6660216A420 for ; Mon, 30 Jan 2006 16:00:52 +0000 (GMT) (envelope-from gcubfg-freebsd-geom@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C20FE43D46 for ; Mon, 30 Jan 2006 16:00:51 +0000 (GMT) (envelope-from gcubfg-freebsd-geom@m.gmane.org) Received: from root by ciao.gmane.org with local (Exim 4.43) id 1F3bRx-0003Rf-4k for freebsd-geom@freebsd.org; Mon, 30 Jan 2006 17:00:19 +0100 Received: from 222-1-124-83.dsl.3u.net ([83.124.1.222]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 30 Jan 2006 17:00:17 +0100 Received: from christian.baer by 222-1-124-83.dsl.3u.net with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Mon, 30 Jan 2006 17:00:17 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-geom@freebsd.org From: Christian Baer Date: Mon, 30 Jan 2006 16:46:38 +0100 (CET) Organization: Convenimus Projekt Lines: 53 Message-ID: X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 222-1-124-83.dsl.3u.net User-Agent: slrn/0.9.8.1 (FreeBSD) Sender: news Subject: A few things about GELI X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 Jan 2006 16:00:52 -0000 Good afternoon[1], fellow readers! :-) Because I wanted something new to play with and because I found the idea of encrypting swap and temp space, I decided to give GELI a try. The idea of using crypto(9) seems good too, because that way hardware support is added at no extra cost - I know, that was part of the reason, why GELI was written. :-) Note: This thread is not really related to the one I started on the security mailing-list. Because of the existing crypto-hardware GELI won that race described there. This here is more of personal interest. The question is more of an academic nature, but interesting just the same: Can it be said that GELI is more secure (by design) than GBDE or vice versa? The differences are not only of cosmetic nature or in the user interface, but there is a real difference within the concept. Can one of these approaches be called more secure than the other[2]? Are there any plans to add additional ciphers like Twofish or Serpant to GELI? What does this "sector-to-sector encryption" mean and how is it different from GBDE's approach? Are there plans for a geli(4) manpage inspired by gbde(4) manpage? It just shows the non-expert wonderfully, how it works and how safe it is (in numbers). Now for some *real* questions... :-) GBDE wants to be attached to a partition like adxs1d. The examples in the handbook however suggest that GELI should be attached to the hardware-device adx and not to a partition. Why is this so? I am guessing that GELI would be just as happy to be attached to ad1s1d as to ad1 (wouldn't this be mandatory if there were more than one partition on the drive?), but does this have any (dis-) advantages? If I were to use encrypted swap space I couldn't use the fstab for these anymore. Should I do this with a start-up script and if so, where should I put it? 'Where' as in 'where should it be in the boot-order?' Basicly the same thing goes for temp-space. When should it be mounted. And more importantly, if I use a new key every time, wouldn't I need a newfs during every boot - before I mount /tmp? Regards Chris [1] Depending on your time zone of course. :-) [2] I don't see either of them being cracked any time soon and if either were attacked it would probably be easier to brute force the passphrase than to attack the architecture itself.