Verifying GELI disk encryption
User1001
supraexpress at globaleyes.net
Tue Aug 22 03:58:43 UTC 2006
Defining a small 2MB 'partition' and setting it up for GELI encryption
made it easy to use DD to view the raw data (with ghex2) when the
partition was detached from GELI. This way, I could be certain that ANY
data written to the partition would be read, no matter WHERE it actually
resided within the partition.
When I first tried this on a new 70+GB DRIVE that had only one file, it
was a wee bit difficult to ensure that DD "slice" actually contained the
encrypted file that I was expecting.
So one "simple way to verify (geli) encryption" is to use it on a small
enough space that can be relatively easy to view as raw data.
User1001 wrote:
> What are some relatively simple ways to verify the encryption of/on a
> GELI device?
More information about the freebsd-geom
mailing list