Feasibility/Practicality of using GBDE to facilitate encrypted swap, md, /tmp, filesystems
John Stockdale
jstockdale at stanford.edu
Sat Jul 26 22:56:26 PDT 2003

Hopefully PHK has a chance to look this one over, but if anyone else
has any thoughts I'll take any opinions I can get. ;)

I was looking over the 5.2 TODO and got curious as to the changes
intended for GBDE to allow integration into the fstab / boot-time mount
procedure. Unfortunately I have a rather poor background in how the
various FreeBSD subsystems interact, but was wondering if such
boot-time mount ability could be used such that GBDE encrypted devices
could be used to back the swap, /tmp, and other portions of the file
system. It seems that initializing a GBDE device at boot with a random
lock file key (or no lock file?) such that as soon as the GBDE dev is
detached or the machine is rebooted all information on that partition
is not recoverable. Not only would this give us encrypted swap that
OpenBSD minions always laude over me ;) but also it seems like
(specifically /tmp encryption) would combat the chances that copies of
plain text files get left around.

On a slightly related note, I currently have a script that allows the
creation of a post boot encrypted md device, and am just using the -p
option on initialization to feed GBDE a passphrase piped from
/dev/random into md5. Is there any way to do such an initialization
more securely? (such as not having to rely on the security of the shell
or md5 along the way?)

Thanks

-John