Date:      Tue, 7 Sep 2010 23:07:44 +0200
From:      Ivan Voras <ivoras@freebsd.org>
To:        Gleb Kurtsou <gleb.kurtsou@gmail.com>
Cc:        freebsd-current@freebsd.org
Subject:   Re: RFC: pefs - stacked cryptographic filesystem
Message-ID:  <AANLkTi=mEu90g8M1iFLzjcH0Xphc9oEyyuFJcj07oTyd@mail.gmail.com>
In-Reply-To: <20100907200507.GB2804@tops>
References:  <20100906183838.GA3460@tops> <i65i47$vnl$1@dough.gmane.org> <20100907200507.GB2804@tops>

On 7 September 2010 22:05, Gleb Kurtsou <gleb.kurtsou@gmail.com> wrote:
> On (07/09/2010 16:27), Ivan Voras wrote:
>> On 09/06/10 20:38, Gleb Kurtsou wrote:
>> > Hello,
>> >
>> > I would like to ask for feedback on a kernel level stacked cryptographic
>> > filesystem. It has started as Summer Of Code'2009 project and matured a
>> > lot since then. I've recently added support for sparse files and
>> > switched to XTS encryption mode.
>>
>> I've tried it and so far it works :)
>>
>> > 3. Mount pefs filesystem:
>> > # pefs mount ~/Private ~/Private
>>
>> I see you've used the same example in the man page. Maybe it would be
>> better for educational purposes to use two separate directories, e.g.
>> ~/Private and ~/Decrypted to avoid confusion by new users (of course not
>> all examples need to use this).
> Actually I've used the same directory solely for educational purposes --
> there is just one directory, it's either encrypted or not.

The other directory is a mount point - this is what I was aiming at.

> If user enters k1, the following chain can be retrieved from the
> database: k1 k2 k3. All three keys are then added to filesystem.
>
> In case of k2 chain is k2 k3.
>
> All entries stored encrypted in a way that child entry can be decrypted
> only by parent key.
>
> Using key chains one can emulate access levels.

I don't know if it is cryptographically sound but it seems like too
much trouble :)

>> > 7. You can set up pam_pefs (not compiled by default) to add key to home
>> > directory and authenticate against keychain database on login, e.g. by
>> > adding the following line to /etc/pam.d/system before pam_unix.so:
>> >
>> > auth        sufficient      pam_pefs.so     try_first_pass
>>
>> So, this would bypass passwd and let the user in if his password
>> authenticates against the "keychain database" in his home directory?
> Exactly, that's the way I use it. More detailed description available
> here: http://marc.info/?l=freebsd-current&m=128388197901390&w=2
>
>> Will it automagically pefs-mount his home directory?
> No, not mounting pefs is intentional. It automagically adds keys to
> already mounted pefs filesystem.

Ok, so for example on a desktop client, a pefs-protected home
directory would always be mounted from fstab, and then decrypted on
login. Makes sense.
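
A minimal model of the key chain lookup quoted above (k1 yields k1 k2 k3, k2 yields k2 k3), added here as an illustration; it is not part of the original message and is not pefs code. The database layout, the function names and the HMAC-SHA256 stream construction are assumptions chosen so the example runs with the Python standard library only; they do not reflect the pefs on-disk format or cipher.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a stand-in keystream (assumption, not the pefs cipher)
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _tag(key, nonce, ct):
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def seal(parent, child):
    # Encrypt the child key under the parent key and authenticate the result.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(child, _stream(parent, nonce, len(child))))
    return nonce + ct + _tag(parent, nonce, ct)

def unseal(parent, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(parent, nonce, ct)):
        raise ValueError("entry is not sealed under this key")
    return bytes(a ^ b for a, b in zip(ct, _stream(parent, nonce, len(ct))))

def slot(key):
    # Index entries by a keyed digest so the database never stores a key in the clear.
    return hmac.new(key, b"slot", hashlib.sha256).digest()

def add_link(db, parent, child):
    db[slot(parent)] = seal(parent, child)

def resolve(db, key, max_len=8):
    # Follow parent -> child entries starting from the key the user entered.
    chain = [key]
    while len(chain) < max_len and slot(chain[-1]) in db:
        child = unseal(chain[-1], db[slot(chain[-1])])
        if child in chain:      # refuse to loop on a cyclic database
            break
        chain.append(child)
    return chain

def derive(passphrase):
    # Constructed salt and iteration count, for the demo only.
    return hashlib.pbkdf2_hmac("sha256", passphrase, b"constructed-salt", 10_000)

K1, K2, K3 = (derive(p) for p in (b"k1 passphrase", b"k2 passphrase", b"k3 passphrase"))
DB = {}
add_link(DB, K1, K2)   # k1 -> k2
add_link(DB, K2, K3)   # k2 -> k3
print([len(resolve(DB, k)) for k in (K1, K2, K3)])
```

In this model the holder of k3 can resolve nothing above it, which is the access-level behaviour the quoted description refers to.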


