Re: Getting GELI Keys from Floppy
- From: Nikos Vassiliadis <nvass@xxxxxxxxxxxxxx>
- Date: Thu, 7 Sep 2006 10:19:46 +0300
On Thursday 07 September 2006 00:00, Frank Steinborn wrote:
Hello,
i want to encrypt my HDD's with GELI (not the root-fs, though). I want
to do the encryption without password, just with a key. The key should
be stored in a floppy disk, and the read should be read automatically
on boot, from the floppy.
Are you sure you want to trust a floppy disk for your keys??
It's not the most safe medium these days...
There is a problem here, because GELI initializes _before_ mounting
the disks from /etc/fstab (for obvious reasons, of course). So GELI is
not able to get the keys from the floppy and fails.
So, any hints how I could get the floppy mounted _before_ GELI tries
to initialize?
Why don't you use the plain device(/dev/fd0) instead of using a file on a
filesystem on the floppy? I think there are examples in the manual page.
Anyway, I find this a very very bad idea. If the floppy break in some way
you're gonna be in big trouble...
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Getting GELI Keys from Floppy
- From: Frank Steinborn
- Re: Getting GELI Keys from Floppy
- References:
- Getting GELI Keys from Floppy
- From: Frank Steinborn
- Getting GELI Keys from Floppy
- Prev by Date: Re: comments on handbook chapter
- Next by Date: Re: comments on handbook chapter
- Previous by thread: Re: Getting GELI Keys from Floppy
- Next by thread: Re: Getting GELI Keys from Floppy
- Index(es):
Relevant Pages
|
|
