From owner-freebsd-questions@FreeBSD.ORG Thu Dec 9 14:13:13 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A2F311065694 for ; Thu, 9 Dec 2010 14:13:13 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from tower.berklix.org (tower.berklix.org [83.236.223.114]) by mx1.freebsd.org (Postfix) with ESMTP id 0D8DA8FC17 for ; Thu, 9 Dec 2010 14:13:12 +0000 (UTC) Received: from park.js.berklix.net (p5B22F514.dip.t-dialin.net [91.34.245.20]) (authenticated bits=0) by tower.berklix.org (8.14.2/8.14.2) with ESMTP id oB9ED1Y8055618; Thu, 9 Dec 2010 14:13:04 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by park.js.berklix.net (8.13.8/8.13.8) with ESMTP id oB9EE947086180; Thu, 9 Dec 2010 15:14:09 +0100 (CET) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.3/8.14.3) with ESMTP id oB9EDwgB090024; Thu, 9 Dec 2010 15:14:04 +0100 (CET) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201012091414.oB9EDwgB090024@fire.js.berklix.net> To: Andre Goree From: "Julian H. Stacey" Organization: http://www.berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Wed, 08 Dec 2010 22:52:07 CST." Date: Thu, 09 Dec 2010 15:13:58 +0100 Sender: jhs@berklix.com Cc: freebsd-questions@freebsd.org Subject: Re: Disk encryption on a headless box? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Dec 2010 14:13:13 -0000 Andre Goree wrote: > I was looking at encrypting my data on a headless server I have, and found a > good tutorial using ZFS+geli. Easy enough to setup, but one thing I just > realized is that I wouldn't be able to enter the passphrase on the server > since I keep it headless. > > I wonder if there is some type of encryption I can use that does not require > entering a passphrase. For example, perhaps I can set it up in a way that > it'll automatically read from certain files on a thumb drive? I encrypt my data with gbde, it fetches the passphrase from another host if running. (Mine has a head, but doesnt use it. I don't use ZFS, but I don't see that's necessarily related) Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text; Not quoted-printable, or HTML or base 64. Avoid top posting, it cripples itemised cumulative responses.