Date: Mon, 12 Oct 2009 10:18:24 -0600 From: Geoff Fritz <gfritz@gmail.com> To: Greg Morell <greg.morell@yahoo.com> Cc: freebsd-questions@freebsd.org Subject: Re: Mountable encrypted file? What to use? Message-ID: <20091012161824.GA370@dev.null> In-Reply-To: <954220.56717.qm@web46415.mail.sp1.yahoo.com> References: <954220.56717.qm@web46415.mail.sp1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 12, 2009 at 06:33:40AM -0700, Greg Morell wrote: > > I like to keep all of my sensitive stuff in a few encrypted mountable files. > Something where I can copy the file to a USB key for backup, but not > worry if I lose the USB key since it's just an encrypted file. But when > on a computer, I can mount it as a volume. > > What should I use on FreeBSD? Combine geli with the md device: dd if=/dev/zero of=/tmp/secret bs=1 count=0 seek=1G mdconfig -a -t vnode -f /tmp/secret -u 1984 geli load geli init /dev/md1984 && geli attach /dev/md1984 newfs /dev/md1984.eli mkdir /mnt/secret && mount /dev/md1984.eli /mnt/secret echo "the formula for Coke is..." > /mnt/secret/secret_formula.txt umount /mnt/secret geli detach /dev/md1984.eli mdconfig -d -u 1984 cp /tmp/secret /mnt/usbdrive (I don't know off-hand the 'cp' options for copying sparse files correctly). Read the man pages for all of the commands you are unfamiliar with. geli(8) has a lot of flexible options. -- Geoff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091012161824.GA370>