Re: Getting GELI Keys from Floppy
- From: Frank Steinborn <steinex@xxxxxxxx>
- Date: Thu, 7 Sep 2006 14:29:01 +0200
Nikos Vassiliadis wrote:
Are you sure you want to trust a floppy disk for your keys??
It's not the most safe medium these days...
I'll backup the keys on CD. It's just that I don't want to waste a
CD-ROM drive in this server.
There is a problem here, because GELI initializes _before_ mounting
the disks from /etc/fstab (for obvious reasons, of course). So GELI is
not able to get the keys from the floppy and fails.
So, any hints how I could get the floppy mounted _before_ GELI tries
to initialize?
Why don't you use the plain device(/dev/fd0) instead of using a file on a
filesystem on the floppy? I think there are examples in the manual page.
I could use /dev/fd0 directly but then I had to use the same key for
all 6 HDD's in the server. I got a solution by hacking /etc/rc.d/geli
- I'm just mounting the floppy there before it tries to read the key.
Thanks for all the people giving suggestions!
Frank
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Getting GELI Keys from Floppy
- From: Matt Piechota
- Re: Getting GELI Keys from Floppy
- References:
- Getting GELI Keys from Floppy
- From: Frank Steinborn
- Re: Getting GELI Keys from Floppy
- From: Nikos Vassiliadis
- Getting GELI Keys from Floppy
- Prev by Date: Re: comments on handbook chapter
- Next by Date: Re: comments on handbook chapter
- Previous by thread: Re: Getting GELI Keys from Floppy
- Next by thread: Re: Getting GELI Keys from Floppy
- Index(es):
Relevant Pages
|
|
