From owner-freebsd-current@FreeBSD.ORG Tue Sep 7 14:27:32 2010 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B39C310656BC for ; Tue, 7 Sep 2010 14:27:32 +0000 (UTC) (envelope-from freebsd-current@m.gmane.org) Received: from lo.gmane.org (lo.gmane.org [80.91.229.12]) by mx1.freebsd.org (Postfix) with ESMTP id 376468FC16 for ; Tue, 7 Sep 2010 14:27:31 +0000 (UTC) Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1Osz8y-0001qd-Md for freebsd-current@freebsd.org; Tue, 07 Sep 2010 16:27:28 +0200 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 07 Sep 2010 16:27:28 +0200 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 07 Sep 2010 16:27:28 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-current@freebsd.org From: Ivan Voras Date: Tue, 07 Sep 2010 16:27:19 +0200 Lines: 48 Message-ID: References: <20100906183838.GA3460@tops> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.9) Gecko/20100518 Thunderbird/3.0.4 In-Reply-To: <20100906183838.GA3460@tops> X-Enigmail-Version: 1.0.1 Subject: Re: RFC: pefs - stacked cryptographic filesystem X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Sep 2010 14:27:32 -0000 On 09/06/10 20:38, Gleb Kurtsou wrote: > Hello, > > I would like to ask for feedback on a kernel level stacked cryptographic > filesystem. It has started as Summer Of Code'2009 project and matured a > lot since then. I've recently added support for sparse files and > switched to XTS encryption mode. I've tried it and so far it works :) > 3. Mount pefs filesystem: > # pefs mount ~/Private ~/Private I see you've used the same example in the man page. Maybe it would be better for educational purposes to use two separate directories, e.g. ~/Private and ~/Decrypted to avoid confusion by new users (of course not all examples need to use this). > 6. Example how to save your key in keychain database. This is probably in line with what rwatson said (and would be covered by the same document): can you describe what keychains actually do? > 7. You can setup pam_pefs (not compiled by default) to add key to home > directory and authenticate against keychain database on login, e.g. by > adding the following line to /etc/pam.d/system before pam_unix.so: > > auth sufficient pam_pefs.so try_first_pass So, this would bypass passwd and let the user in if his password authenticates against the "keychain database" in his home directory? Will it automagically pefs-mount his home directory? > * Uses modern cryptographic algorithms: AES and Camellia in XTS mode, > PKCS#5v2 and HKDF for key generation. I do have an request: since you are already using kernel crypto support, it would be simple to just throw Blowfish in :) If for nothing else, consider it a gift to those who are fond of Blowfish's large key sizes (upto 448 bits). Actually, it would probably be seen as a reflection of consistency to implement the same algorithms that geli(8) implements. geli doesn't implement XTS yet - if your XTS code proves to be stable it would be a good thing to include it as standard and then use it from geli. I see you've copied SHA2 code to the pefs code. What is wrong with just using the kernel's SHA2 implementation?