From owner-freebsd-hackers@FreeBSD.ORG  Fri Jul 29 11:52:44 2005
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E1DFA16A41F;
	Fri, 29 Jul 2005 11:52:43 +0000 (GMT)
	(envelope-from phk@phk.freebsd.dk)
Received: from haven.freebsd.dk (haven.freebsd.dk [130.225.244.222])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7BDF643D45;
	Fri, 29 Jul 2005 11:52:43 +0000 (GMT)
	(envelope-from phk@phk.freebsd.dk)
Received: from phk.freebsd.dk (unknown [192.168.48.2])
	by haven.freebsd.dk (Postfix) with ESMTP id A2E38BC66;
	Fri, 29 Jul 2005 11:52:41 +0000 (UTC)
To: Alexander Leidinger <Alexander@Leidinger.net>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
In-Reply-To: Your message of "Fri, 29 Jul 2005 13:45:48 +0200."
	<20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net> 
Date: Fri, 29 Jul 2005 13:52:40 +0200
Message-ID: <94252.1122637960@phk.freebsd.dk>
Sender: phk@phk.freebsd.dk
Cc: freebsd-security <freebsd-security@freebsd.org>,
	"Ronnel P. Maglasang" <rmaglasang@infoweapons.com>,
	Pawel Jakub Dawidek <pjd@freebsd.org>,
	freebsd-hackers <freebsd-hackers@freebsd.org>,
	freebsd-geom <freebsd-geom@freebsd.org>
Subject: Re: booting gbde-encrypted filesystem 
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jul 2005 11:52:44 -0000

In message <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net>, Alexander Leidinger writes:
>Pawel Jakub Dawidek <pjd@freebsd.org> wrote:
>
>> This is not not possible with current GBDE.
>> I've patches which allows this here:
>>
>> 	http://people.freebsd.org/~pjd/patches/gbde.patch
>
>I fail to see how this allows an encryted root-FS, it doesn't add gbde
>support to boot0(ext) or to the loader. It needs access to an unencrypted
>kernel. I don't think this is what Ronnel had in mind (overlooking the fact
>that his suggestion to save the passphrase in the loader is insecure).

There is a difference between loading the kernel from an encrypted volume
(very hard!) and mounting the root filesystem from an encrypted volume
(possible with pawels patch.

Now of course, if your kernel has been trojaned, you're in trouble, but
then again, most people just worry about their data if the machine gets
stolen.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.