Geli Encrypted DVDs
RW
fbsd06 at mlists.homeunix.com
Sun Apr 8 02:31:21 UTC 2007
On Sun, 8 Apr 2007 02:32:33 +0200
Pawel Jakub Dawidek <pjd at FreeBSD.org> wrote:
> On Sun, Apr 08, 2007 at 12:59:42AM +0100, RW wrote:
> >
> > In the questions list Roland Smith suggested that a geli encrypted
> > dvd could be created by burning the backing file from an geli
> > encrypted md device as a disk image.
> >
> > We were neither able to attach the DVD device though, see:
> >
> > http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145433.html
> >
> > Does anyone know if this can be made to work?
> >
> > FWIW I have no problem putting a UFS2 filesystem on a DVD-R without
> > geli.
>
> Could you give me the output of:
>
> # ls -l $HOME/backupDVD.img
> # diskinfo -v /dev/acd0
> # geli dump /dev/acd0
>
# ls -l /home/t/dvd.img
-rw-r--r-- 1 bob bob 4613734400 Mar 21 13:15 /home/t/dvd.img
# diskinfo -v /dev/acd0
/dev/acd0
2048 # sectorsize
4613734400 # mediasize in bytes (4.3G)
2252800 # mediasize in sectors
# geli dump /dev/acd0
Cannot read metadata from /dev/acd0: Invalid argument.
Not fully done.
-------------------------------------------------
If I run the last command on the image file's md device instead:
# geli dump /dev/md0
Metadata on /dev/md0:
magic: GEOM::ELI
version: 3
flags: 0x0
ealgo: AES-CBC
keylen: 256
provsize: 4613734400
sectorsize: 512
keys: 0x01
iterations: 61292
Salt:
bdf68c63c63839100061f7bca0dbf6351065119f0679945dc13b53b418e739ff73492a158f300a165df449f37d6b4359efb21b6f5201fcf2fc6acf1af29850b1
Master Key:
9f8eaf77c0183b09dca50be0d25a15979aec2cf02dc53870f0b55bcdd911b663fcbfeab0a5567fe7da89ea88a7068a5ab30806b966734e385c43a47cc074156638fca0dc41c3bc27ca8cc52ff5ffac837d8bc116f9a434b2dbf6c520ed5fc1b14ece00e9972b3b1062491db16aa40486ce05c1969b642b9436cbfab472ba581a9600e4390b27913bca1b8e74b9a2c610e162948f947d4c14c657968cd1f712f66fd3352ba3a92454a4b190c289a338698273a85fe934db31d8e5d700afee430b4589fa642882caea6509762f63de82be69f9af78c05b73f4419a523ee6ac8b18340cb3bc5491e3d7b17b5682f515f44d00044db05e23f451720348b1a3c0669875f0cd3784269786c32c4b4e501a612bbbb7dbc68ea54e9c6049d402129f9535a1e20b0d1e15b590144f9eacac28f65a04713e2f8fe335dc33e0887a12af8d9740855cbf4e9e42b0ea36532940d0d466f2c5b95e6f04a4ccf296df5ad09f768682b97b9a92733f0a40c85f86509af309e4e52108ada13c484a089516a3249252
MD5 hash: c491b5d6c87206b6e6d3783dde568fb7
More information about the freebsd-geom
mailing list