Software RAID5
Roland Smith
rsmith at xs4all.nl
Sun Sep 23 10:15:35 PDT 2007
On Sun, Sep 23, 2007 at 05:59:01PM +0100, Gabriel Dragffy wrote:
> This sounds good. How exactly did you manage to encrypt discs and then
> install freebsd there? I can just about setup software raid once freebsd is
> installed, but by then I am unable to use a hard drive because it already
> has freebsd on it.
There is no point in encrypting the whole harddisk. The OS and ports can
be downloaded from the internet. No point in keeping them secret. They
might in fact facilitate a known-plaintext attack.
The things that you should encrypt are /home and maybe /var.
So when installing FreeBSD you should set aside room for slices to hold
/home and /var, see below.
A possible lay-out would be;
/ 200MB
/tmp 200MB
/usr 10GB
/var 2BG
/home the rest
You can find instructions on setting up GEOM_ELI for /home on my website;
http://www.xs4all.nl/~rsmith/freebsd/index.html#home
After a reboot you might get prompted for the GELI password before the
login prompt, depending on if you've used a password.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070923/90ac9311/attachment.pgp
More information about the freebsd-questions
mailing list