Full disk encryption without root partition
RW
rwmaillists at googlemail.com
Sun Dec 30 12:55:38 UTC 2012
On Sun, 30 Dec 2012 10:34:51 +0100
David Demelier wrote:
> I think a good idea would be to store the key directly in the
> bootloader, but that needs a large enough partition scheme that can
> store the bootloader (boot0 or boot1) plus the encryption key.
> However this needs to add support for that in both boot files and
> will be bigger.
I'm not sure what you are trying to say, but the master key is already
in the metadata and putting user keys on the disk would render the
encryption pointless.
More information about the freebsd-questions
mailing list