Booting encrypted
ctodd at chrismiller.com
ctodd at chrismiller.com
Tue Sep 7 13:54:44 PDT 2004
> Having the password compiled in to something that's necessarily clear-text
> on the same media?
If the authorization mechanism is limited to plain text, then yes. I know
that "strings" can be used to attempt to find the passphrase in the load,
but there may be ways to prevent the passphrase from being retrieved in
this manner.
> You're not adding anything resembling a challenge for someone who's really
> interested in reverse-engineering your system. Any user (I won't call such
> a person *acker) incapable of getting around such a thing probably won't
> be trying to reverse-engineer it anyhow.
Well the point is to have a system where the entire filesystem (except the
loader of coarse) is encrypted. Runtime access to the system via the shell
would be removed or locked down.
I wasn't able to find any info about booting encrypted filesystems, but I
can't believe I'm the only one that has raised the question.
Chris
More information about the freebsd-hackers
mailing list