Date: Thu, 7 Sep 2006 08:34:29 -0700 (PDT) From: "R. B. Riddick" <arne_woerner@yahoo.com> To: Jack Barnett <jackbarnett@gmail.com>, freebsd-security@freebsd.org Cc: Frank Steinborn <steinex@nognu.de> Subject: Re: Getting GELI Keys from Floppy Message-ID: <20060907153429.49547.qmail@web30314.mail.mud.yahoo.com> In-Reply-To: <dedb607c0609070829k37572e6fu2c497d09ef81f091@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Jack Barnett <jackbarnett@gmail.com> wrote: > One idea is having 1 server with a CD-ROM drive and exporting it via NFS. > When a server boots it mounts the remote CD-ROM drive and looks for key > "$HOSTNAME.key". > But then u would have the problem with network security... > > On 9/6/06, Barkley Vowk <bvowk@math.ualberta.ca> wrote: > > > Get a usb flash drive, from there its a simple matter of changing the > > geli > > > script to mount a specific usb device before starting. Look in > > > /etc/rc.d/geli and geli2. I'd put your mounting and checks between the > > > kldstat and the "if [ -z" in the geli_start() sub. > > Oh... I just see Mr. Barkley V. gave an important and helpful hint in this thread, too... I just wanted to point that out, because it is quite astonishing after the first few words... -Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060907153429.49547.qmail>