GELI compatibility with GBDE
Marius Nuennerich
marius.nuennerich at gmx.net
Tue Feb 28 04:03:13 PST 2006
On Tue, 28 Feb 2006 11:45:21 +0000
"Jack T" <jackt123 at gmail.com> wrote:
> On Mon, 27 Feb 2006 Jack T wrote:
> > Hi all. Sorry if this is a FAQ (I googled but
> > am still unsure of the answer, and in any case
> > there's too much to risk if I got it wrong)
> > My question is: can GELI access
> > a partition that was encrypted by GBDE?
>
> On 2/28/06, Marius Nuennerich wrote:
> > I don't think so, why should it?
>
> Hi! I was looking at feature comparison charts.
> GBDE uses AES, GELI can uses AES, Blowfish, and 3DES.
> GBDE uses fixed key length, GELI can be variable.
Could you post a link to that chart?
>
> Since they both can do sector-by-sector
> encryption, and GELI can be configured to use
> the same scheme and key length as GBDE,
> I just thought maybe it would be great if
> they're compatible.
>
> (I have a lot of data encrypted using GBDE,
> and it would be a lot of work to
> re-encrypt them with GELI to get the ability
> to enter keyphrase in kernel space
> rather than userspace, so that I can encrypt
> the root filesystem which GBDE can't do)
Thanks for the explanation. I still don't think it is a good idea,
even if you would give it a try and it would work, developers are
not supporting this kinda thing, so it could break in the future.
regards
Marius
More information about the freebsd-geom
mailing list