Date: Tue, 8 Sep 2015 23:09:35 +0100 From: Igor Mozolevsky <igor@hybrid-lab.co.uk> To: Analysiser <analysiser@gmail.com> Cc: Xin LI <d@delphij.net>, Hackers freeBSD <freebsd-hackers@freebsd.org> Subject: Re: Passphraseless Disk Encryption Options? Message-ID: <CADWvR2gkLR2VLsUw_MRyLBaFmftP0WuJqR3_n1SpT_WEDRuL6w@mail.gmail.com> In-Reply-To: <D5104DE1-F889-422E-8017-25B6555396F0@gmail.com> References: <8B7FEE2E-500E-49CF-AC5E-A2FA3054B152@gmail.com> <CADWvR2iv7xz02Fw9b=159%2BSMuphQGRKZsfyy9DDeqGMxn=p1BA@mail.gmail.com> <D214715D.1A32%xaol@amazon.com> <CADWvR2iVubsBQjnvQ8mDGGS7ujsR8wPQ2RAxn=kvFkmVGQkXiQ@mail.gmail.com> <D2147761.1A53%xaol@amazon.com> <55EF4B65.8030905@delphij.net> <D5104DE1-F889-422E-8017-25B6555396F0@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 8 September 2015 at 22:50, Analysiser <analysiser@gmail.com> wrote: > Hi all, > > Thank you so much for all the insights here! I think I is my bad not to > clarify the situation very well but still I found a lot of things I could > try from the replies. In my case I could not do remote passphrase and and > USB boot and/or USB hold key/passphrase since the device might not always > have internet access and no ports (internally or externally are exposed). > > I think your suggestions in separating the root filesystem and user space > applications and data and perform encryption only on user portion is a mo= re > reasonable practice given the time scale on the project I=E2=80=99m worki= ng on. > Thanks again! > > I still have some more detailed questions I=E2=80=99m seeking for an answ= er > related to the full startup disk encryption: <snip> I think you're worrying about the problem from the wrong end- what is it that you're attempting to protect, I'm still unsure of that?.. --=20 Igor M.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADWvR2gkLR2VLsUw_MRyLBaFmftP0WuJqR3_n1SpT_WEDRuL6w>