Displaying 20 results from an estimated 1000 matches similar to: "Encrypted volume - how?"
2005 Dec 11
1
geli or gbde encryption of slices
Hello,
I was playing around with geli an gbde after last EuroBSDCon.
I liked the idea of encrypting my data which resides in /home/$user.
Since this is a "single" user laptop i intended to encrypt the
whole /home partition. Well no problems with that. But i wanted
the lockfile or keyfile on a seperate usb disc. Which would be
mounted or used during boot of the system. I also used
2008 Feb 06
3
Reconstruct disklabel for UFS and GELI volumes
Hi,
Somehow[TM] an installation of 4.11 to ad0s3 managed to wipe out my
existing disklabel for 7.0 on ad0s4. I now need to recover the
disklabel to get my system to boot!
There were three labels
- ad0s4a: UFS, exact size unknown. Is it possible to infer this from
the UFS partition size? I can mount this already, as I simply wrote an
'a' label of maximum size to the disklabel
- ad0s4b:
2006 Jan 28
1
Should I use gbde or geli?
Hello out there, everybody!
I was actually expecting to find several (hundred) threads with this
subject being discussed. To my surprise I didn't find a single one
either on these mailing lists or in the newsgroups - at least not in a
language I understand. :-)
I realize that gbde and geli are not designed to be better than the
other but that both fit different needs and different tastes.
2007 Dec 02
6
MD5 Collisions...
Hi everyone,
Not sure if you've read http://www.win.tue.nl/hashclash/SoftIntCodeSign/ .
should some kind of advisory be sent to advise people not to rely solely on MD5 checksums? Maybe an update to the man page is due ? :
"
MD5 has not yet (2001-09-03) been broken, but sufficient attacks have
been made that its security is in some doubt. The attacks on MD5 are in
the
2005 Jul 31
1
Kernel Source Divergence, Security (was: booting gbde-encrypted filesystem)
In message <20050731135919.GA43753@afields.ca>, Allan Fields writes:
>Yes, this is all very nice, but when is someone actually going to
>commit it? ;)
I'm (as always) short of time, and GBDE is not the top priority
for me for the time being.
So I am more than happy to see people band together and improve
gbde.
The main work necessary is to polish the userland program and that
2010 Apr 30
3
Announce: Lustre 1.8.3 is available!
Hi all,
Lustre 1.8.3 is available on the Sun Download Center Site.
http://www.sun.com/software/products/lustre/get.jsp
Our forwarding link has not yet been updated but should be
shortly, so you can either find your way in through:
http://www.sun.com/downloads/index.jsp?tab=2#L
and look for Lustre 1.8.3 near the bottom of the "L" section.
or
2010 Apr 30
3
Announce: Lustre 1.8.3 is available!
Hi all,
Lustre 1.8.3 is available on the Sun Download Center Site.
http://www.sun.com/software/products/lustre/get.jsp
Our forwarding link has not yet been updated but should be
shortly, so you can either find your way in through:
http://www.sun.com/downloads/index.jsp?tab=2#L
and look for Lustre 1.8.3 near the bottom of the "L" section.
or
2005 Jul 29
1
booting gbde-encrypted filesystem
Hello,
I think there was already a thread on this. I just
want to raise the question again if anyone has successfully
booted an gdbe-encrypted filesystem (everything encrypted except
the bootloader). The passphrase is entered at the bootloader prompt
or embedded in the bootloader.
I appreciate any tips.
Thanks,
- ronnel
2006 Sep 06
2
Getting GELI Keys from Floppy
Hello,
i want to encrypt my HDD's with GELI (not the root-fs, though). I want
to do the encryption without password, just with a key. The key should
be stored in a floppy disk, and the read should be read automatically
on boot, from the floppy.
There is a problem here, because GELI initializes _before_ mounting
the disks from /etc/fstab (for obvious reasons, of course). So GELI is
not able
2006 Mar 02
1
Panics with md/gvinum/ufs
Hi,
I've done some strange(?) experiments and I managed to get
a panic of type "baddir" and just now another one that only
rebooted my system instantly without writing a vmcore.
I don't know if this is important. I could not find any
information on how gvinum detects failed hard disks.
That's why I tried something really simple.
Steps to reproduce:
1)
dd if=/dev/zero of=a
2004 May 17
1
Confirming my understanding of an ipf log line
Hi list,
I saw this in my ipf.log (using ipfmon):
18/05/2004 15:57:21.092537 fxp0 @25:1 S w.x.y.z -> a.b.c.d PR tcp len 20
(40) frag 20@8 IN
where :
- fpx0 is my interface connected to the outside world
- w.x.y.z is an IP not related to any system under our control
- a.b.c.d is the public IP used for NATed traffic from our LAN.
- @25:1 is : @1 block in log quick from any to any with short
2003 Sep 03
3
MAC problems
FreeBSD version: 5.1-RELEASE
Hi,
I'm quite new to FreeBSD. I've check list archives and
read a handbook, but I didn't find solution to my problem
and I hope this is not off-topic.
I've installed 5.1-RELEASE, enabled ACLs on the filesystems
and I wanted to test MAC features. I'm also new to MAC, so
perhaps this is some my mistake.
When I enable mac_biba or mac_lomac (in
2009 Jan 15
2
zfs drive keeps failing between export and import
I have a zpool that consists for a two-drive mirror. The two times I
took the zpool offline, I had to resilver one of the drives (the same
drive both times) when I imported it back. All drives in the pool
show no read, write, or checksum errors and are new, so I'm looking to
a software problem before hardware. Both drives are encrypted geli
devices. I tried to reproduce the error with 1GB
2006 Mar 13
0
Complete GBDE / GELI encryption for systems without removable local boot tokens (aka USB drives)
Speaking of GELI / GBDE. I was reading Marc's excellent paper on
Complete harddrive encryption for FreeBSD using GBDE/GELI and the
problem I have is it all depends on a bootable removable token that can
by physically secured. While an excellent solution for laptop /
desktop users it just doesn't work with a remote colo users. No way
you can physically remove your unsecure boot token or
2013 Jul 22
3
zpool on a zvol inside zpool
Hi.
I'm moving some of my geli installation to a new machine. On an old
machine it was running UFS. I use ZFS on a new machine, but I don't have
an encrypted main pool (and I don't want to), so I'm kinda considering a
way where I will make a zpool on a zvol encrypted by geli. Would it be
completely insane (should I use UFS instead ?) or would it be still
valid ?
Thanks.
Eugene.
2012 Jun 13
1
kern/157863: [geli] kbdmux prevents geli passwords from being entered properly on boot
Hello,
Just to let everyone know that this is still an issue.
I am trying to install FreeBSD 9.0 amd64 on a Lenovo X121e and I
can't get it to accept the geli passphrase during boot. I've confirmed
using kern.geom.eli.visible_passphrase=1 that the passphrase is
correct, and the same passphrase is accepted when the system is
booted up.
I've tried disabling kbdmux in
2008 Sep 30
5
GELI partition mount on boot fails after 7.0 -> 7.1-PRERELEASE upgrade
I was using a GELI partition for /usr/home on 7.0, so it attaches and mounts
on boot. The problem is it stopped working after the system was upgraded to
RELENG_7/7.1-PRERELEASE. Here's how it goes:
I have the following /etc/fstab:
/dev/ad0s1b none swap sw 0 0
/dev/ad0s1a / ufs rw 1 1
/dev/ad0s1d
2008 Mar 17
1
hifn(4) causing system lockup
Hi all,
can someone comment on the state of the hifn(4) driver?
I've recently upgraded my 6.2-STABLE workstation to RELENG_7,
and I'm now experiencing system lockups that seem to be caused
by the hifn(4) driver.
I've got a Soekris vpn1401 card to help with GELI disk en-
cryption. Reading from a GELI volume is causing the system to
freeze completely, which does not happen if
2012 Nov 27
6
How to clean up /
Hello.
I recently upgraded to 9.1-RC3, everything went fine, however the / partition its about to get full. Im really new to FreeBSD so I don?t know what files can be deleted safely.
# find -x / -size +10000 -exec du -h {} \;
16M /boot/kernel/kernel
60M /boot/kernel/kernel.symbols
6.7M /boot/kernel/if_ath.ko.symbols
6.4M /boot/kernel/vxge.ko.symbols
9.4M
2012 Apr 16
2
Any options on crypt+zfs ?
hail,
I have a soekris running an atom and 2GB RAM and ZFS using 7 drives, small capacity though, to
test and study if I can make my home server this box and this way. It will be a simple server,
three users tops.
I followed the handbook and made the geli step on the disks:
Geom name: label/zfs1.eli
State: ACTIVE
EncryptionAlgorithm: AES-XTS
KeyLength: 128
Crypto: software
UsedKey: 0
Flags: