Date: Tue, 7 Sep 2004 13:54:43 -0700 (PDT) From: ctodd@chrismiller.com To: Steve Watt <steve@Watt.COM> Cc: hackers@freebsd.org Subject: Re: Booting encrypted Message-ID: <Pine.BSI.4.58L.0409071341060.19821@vp4.netgate.net> In-Reply-To: <200409072022.i87KM7Kf049770@wattres.Watt.COM> References: <200409072022.i87KM7Kf049770@wattres.Watt.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
> Having the password compiled in to something that's necessarily clear-text > on the same media? If the authorization mechanism is limited to plain text, then yes. I know that "strings" can be used to attempt to find the passphrase in the load, but there may be ways to prevent the passphrase from being retrieved in this manner. > You're not adding anything resembling a challenge for someone who's really > interested in reverse-engineering your system. Any user (I won't call such > a person *acker) incapable of getting around such a thing probably won't > be trying to reverse-engineer it anyhow. Well the point is to have a system where the entire filesystem (except the loader of coarse) is encrypted. Runtime access to the system via the shell would be removed or locked down. I wasn't able to find any info about booting encrypted filesystems, but I can't believe I'm the only one that has raised the question. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.4.58L.0409071341060.19821>