Passphraseless Disk Encryption Options?
Igor Mozolevsky
igor at hybrid-lab.co.uk
Tue Sep 8 22:10:16 UTC 2015
On 8 September 2015 at 22:50, Analysiser <analysiser at gmail.com> wrote:
> Hi all,
>
> Thank you so much for all the insights here! I think I is my bad not to
> clarify the situation very well but still I found a lot of things I could
> try from the replies. In my case I could not do remote passphrase and and
> USB boot and/or USB hold key/passphrase since the device might not always
> have internet access and no ports (internally or externally are exposed).
>
> I think your suggestions in separating the root filesystem and user space
> applications and data and perform encryption only on user portion is a more
> reasonable practice given the time scale on the project I’m working on.
> Thanks again!
>
> I still have some more detailed questions I’m seeking for an answer
> related to the full startup disk encryption:
<snip>
I think you're worrying about the problem from the wrong end- what is it
that you're attempting to protect, I'm still unsure of that?..
--
Igor M.
More information about the freebsd-hackers
mailing list