[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: filesystem encryption?
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: filesystem encryption?
- From: sen_ml_(_at_)_eccosys_(_dot_)_com
- Date: Mon, 06 Nov 2000 17:15:43 +0900
From: Hannah Schroeter <uk1o_(_at_)_rz_(_dot_)_uni-karlsruhe_(_dot_)_de>
Subject: Re: filesystem encryption?
Date: Mon, 6 Nov 2000 08:39:41 +0100
> On Mon, Nov 06, 2000 at 05:59:08AM +0900, sen_ml_(_at_)_eccosys_(_dot_)_com wrote:
> > i'd like to know as well -- i've looked into using vnconfig, but as
> > far as i can tell that works only w/ files, and not whole filesystems.
> You're nearly on track. vnconfig (or vnd(4) to be precise) acts
> as a block device towards "above" and accesses a file "below".
> So you CAN
> vnconfig -k ... svnd0 /some/file
> Then ONCE:
> disklabel -E svnd0
> newfs /dev/rsvnd0a
> And always:
> mount /dev/svnd0a /some/where
right. but if i understand how this works correctly, i cannot make a
system which has an encrypted root partition -- except perhaps by
vnconfig + union mounting over a minimal unencrypted root partition.
if i could boot from a cf or pcmcia device (not likely for most
laptops), perhaps i could carry around a minimal boot media and then
everything on my hard disk could be encrypted.
> Or you could try out the experimental tcfs support (mount_tcfs and
> other commands/man pages) that is with soon-to-be-2.8.
thanks for the pointer!
it's been a really long time since i've looked at tcfs. i didn't know
there were bsd ports. but i see that there are:
i guess i'll have to get over my irrational nfs prejudices ;-)