Date: Thu, 7 Sep 2006 10:59:17 -0400 From: "Bob Johnson" <fbsdlists@gmail.com> To: "Barkley Vowk" <bvowk@math.ualberta.ca> Cc: freebsd-security@freebsd.org, Frank Steinborn <steinex@nognu.de> Subject: Re: Getting GELI Keys from Floppy Message-ID: <54db43990609070759u25e58d28t8d08c52c9df3c765@mail.gmail.com> In-Reply-To: <20060906151041.N37483@3jane.math.ualberta.ca> References: <20060906210021.C2428B82C@shodan.nognu.de> <20060906151041.N37483@3jane.math.ualberta.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/6/06, Barkley Vowk <bvowk@math.ualberta.ca> wrote: > You are a complete madman. You want to protect your data with a key stored > on the most completely and utterly unreliable form of data storage still > lamentably in use? Its not the 1970's anymore, get a real data storage > medium! > > Get a usb flash drive, from there its a simple matter of changing the geli > script to mount a specific usb device before starting. Look in > /etc/rc.d/geli and geli2. I'd put your mounting and checks between the > kldstat and the "if [ -z" in the geli_start() sub. I have floppies from the 1980s that are still readable, but I have never had a USB flash drive last more than six months when actually in use. For important data, I trust a floppy far more than I trust a flash drive. The big problem with floppies is they don't hold enough data. For that matter, writeable CDs and DVDs have proven to be much less reliable than floppies, too. - Bob
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54db43990609070759u25e58d28t8d08c52c9df3c765>