Jeff Palmer wrote:
Hello,
Let me preface the email by saying I'm not overly familiar with geli, and
it may already have the ability to do what I'm about to describe.
The scenario: A FreeBSD based appliance at a customer premise. The
customer really can't be trusted not to disassemble the box, and gain
knowledge about the box configuration, software, and design.
The idea: I'd like to use geli to encrypt *everything* on the disk. So
if someone (a competitor maybe) removes the disk from the machine, he
can't gain any data off of it easily. I know nothing is 100%, but why
make the process easy for him?
The problem: I don't want the end user to have to do anything to the box,
to have it "come back up" after a reboot/power failure. The goal is an
appliance that the client just plugs in, and forgets about it.
The plan: the appliance would be persistently connected to an SSL based
VPN server at my central office. (Think OpenVPN server) I'd like a way
for geli to encrypt the entire disk, but fetch the key from a server
located on the VPN. This would require the appliance to boot up, access
the internet (static IP), access the VPN (ssl key'd) and fetch the key
that geli needs.
I think it's possible.
Geli is a great crypto subsystem but I would say you would have to come
half way and have probably the base FreeBSD system use a passphraseless
Geli key just for the base system, and a second passphrase protected
second file system that would hold the really important stuff, this
still prevents your customer from having to do anything.
You could symlink bits of the file system that don't prevent it from
booting into your passphrase protected second geli file system, this
would be needed if you need base bits of FreeBSD extra encrypted.
Once the box is up it can be reached via VPN and you could script it so
another machine connects in via VPN and auto enters the Geli private
key passphrase and mounts the encrypted file system.
The security would be based around how strong the passphrase is to
protect your private key for the second Geli filesystem compared to
someone else just getting access to the private key.
Mike
Is this currently possible using geli (or even other software that I may
not have heard of) or if not, would it be overly difficult to
implement?
Any feedback or brainstorming would be GREATLY appreciated.
DrkShdw @ freenode (##FreeBSD)
P.S. Sorry for the cross post from questions@, I realized hackers@
would probably be more suited to this discussion.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
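
The appliance-side step discussed in this thread, as an added example that is not part of either message: once the VPN is up, fetch the key for the second (data) provider and hand it to geli over stdin, refusing to attach on a failed or truncated fetch. The key URL, provider and mount point are hypothetical, and the provider is assumed to have been initialized with `geli init -P -K` using the same key text (no trailing newline).

```shell
#!/bin/sh
# Added example, not from the thread. Runs on the appliance after the VPN is up.
# KEY_URL, PROVIDER and MOUNTPOINT are hypothetical placeholders.
KEY_URL="${KEY_URL:-https://10.8.0.1/keys/appliance-0001}"  # key server on the VPN
PROVIDER="${PROVIDER:-/dev/ada0p4}"                         # geli data partition
MOUNTPOINT="${MOUNTPOINT:-/data}"
MIN_KEY_LEN=32   # reject empty or truncated replies

# Write the key text to stdout; nothing is stored on the base system's disk.
fetch_key() {
    fetch -q -T 10 -o - "$KEY_URL"
}

# Attach and mount the data provider. Returns non-zero, without calling
# geli, when the key server is unreachable or its reply is too short.
unlock_data() {
    [ -e "${PROVIDER}.eli" ] && return 0   # already attached
    key=$(fetch_key) || { echo "key fetch failed" >&2; return 1; }
    if [ "${#key}" -lt "$MIN_KEY_LEN" ]; then
        echo "key reply too short" >&2
        unset key
        return 1
    fi
    # -p: no passphrase component; -k -: read the key file from stdin.
    # printf is a shell builtin, so the key is never a process argument.
    rc=0
    printf '%s' "$key" | geli attach -p -k - "$PROVIDER" || rc=$?
    unset key
    [ "$rc" -eq 0 ] || return "$rc"
    mount "${PROVIDER}.eli" "$MOUNTPOINT"
}

# Usage: unlock.sh run
if [ "${1:-}" = "run" ]; then
    unlock_data
fi
```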