From: "Kenyon Ralph"
To: "Erik Norgaard"
Cc: freebsd-questions@freebsd.org
Date: Wed, 22 Mar 2006 01:32:26 -0800
Subject: Re: encrypted drives
Message-ID: <13d4d6bb0603220132j7eeb3ac1rb0df8d820ccece59@mail.gmail.com>
In-Reply-To: <44211578.8050600@locolomo.org>

On 3/22/06, Erik Norgaard wrote:
> Kenyon Ralph wrote:
> > On 3/22/06, Erik Norgaard wrote:
> >> 2) One thing is to create an entire encrypted device for /home. But that
> >> has the unfortunate consequence that other users' data is unencrypted
> >> once the system is up.
> >>
> >> What would be more appropriate is a solution where each home-dir is an
> >> encrypted mfs which is decrypted and mounted when the user logs in, is
> >> this possible?
> >
> > I think this is exactly what Mac OS X does with its FileVault feature.
>
> I was just reading this column by Kelly Martin
>
> http://www.securityfocus.com/columnists/393
>
> when I wrote this, but the FreeBSD solution may not be so simple as the
> OSX. Now, the FileVault according to the article encrypts the entire
> home partition which is fine for single user laptops, but on multiuser
> systems, each home directory should be distinct encrypted partitions in
> order not to disclose data to other users.
>
> In this case, you would also like the ability to dynamically grow the
> filesystem when more space is needed, unless of course you simply say,
> that's the hard quota limit.

Actually, the article says "FileVault encrypts a user's entire home
directory, settings and all data."

I have a PowerBook and I used to use FileVault on it. From my observations,
it works by making an encrypted Disk Image file of your home directory which
is mounted and unmounted at login and logoff. It is a special disk image
called a "sparse" image which can grow, but can't be shrunk while the image
is mounted. This is mostly why I stopped using FileVault--doing a lot of I/O
in my homedir caused the sparse image to gradually grow, then I'd eventually
have to log off and let it recover all the gaps in the image, a slow process.

There is a different image for each user, so it works in multiuser
environments. OS X keeps your unix passwd and the disk image decryption
passphrase synchronized if you use the OS X GUI to change your password.