booting gbde-encrypted filesystem
Ronnel P. Maglasang
rmaglasang at infoweapons.com
Tue Aug 2 02:22:52 GMT 2005
What I had in mind is perhaps I could find a way to
enter the passphrase at the loader prompt, or configure
the loader to get the passphrase from an external
device or hardcoded the passphrase in the bootloader(really
insecure).
Alexander Leidinger wrote:
> Pawel Jakub Dawidek <pjd at freebsd.org> wrote:
>
>> This is not not possible with current GBDE.
>> I've patches which allows this here:
>>
>> http://people.freebsd.org/~pjd/patches/gbde.patch
>
>
> I fail to see how this allows an encryted root-FS, it doesn't add gbde
> support to boot0(ext) or to the loader. It needs access to an unencrypted
> kernel. I don't think this is what Ronnel had in mind (overlooking the
> fact
> that his suggestion to save the passphrase in the loader is insecure).
>
> Bye,
> Alexander.
>
More information about the freebsd-hackers
mailing list