Re: disk encryption on login

2005-12-06 Thread Ted Unangst
On 12/6/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
> can images be mounted over themselves ? :x

yes

Re: disk encryption on login

2005-12-06 Thread Zachery Hostens
can images be mounted over themselves ? :x

On Sun, 4 Dec 2005 17:24:01 +, Luís Bruno <[EMAIL PROTECTED]> wrote:
> Alexander Farber wrote: I have one suggestion: if a user logs in and the path to home dir in the /etc/passwd is actually pointing to a file, then it is encrypted
>>

Re: disk encryption on login

2005-12-05 Thread Luís Bruno
Alexander Farber wrote:
> I have one suggestion: if a user logs in and the path to home dir in the /etc/passwd is actually pointing to a file, then it is encrypted

> Ok, maybe not so excellent, because where that would be mounted :-/

In the parent directory: /home/lbruno/image.vnd -> /home/lbrun

Re: disk encryption on login

2005-12-03 Thread M. Schatzl
The easiest way would be to look for a file $USER.key in /home. If it exists, look for a corresponding $USER.img file somewhere and mount it on /home/$USER. This way you won't have to do anything special for a certain user except changing his login-facility used. And you don't twist semantics. As

Re: disk encryption on login

2005-12-02 Thread Alexander Farber
Ok, maybe not so excellent, because where that would be mounted :-/

On 12/3/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
> excellent idea. this is a perfect solution.
>
> On Fri, 2 Dec 2005 23:02:12 +0100, Alexander Farber <[EMAIL PROTECTED]> wrote:
> > I have one suggestion: if a user logs in

Re: disk encryption on login

2005-12-02 Thread Zachery Hostens
excellent idea. this is a perfect solution. the only issue would be now is where to put/handle the key file, maybe $HOME.key or something :x

everyone says this shouldn't be put into bsd itself and something that can lay on top of it. i for one would see this as a big step for user security. th

Re: disk encryption on login

2005-12-02 Thread Alexander Farber
I have one suggestion: if a user logs in and the path to home dir in the /etc/passwd is actually pointing to a file, then it is encrypted

Re: disk encryption on login

2005-12-02 Thread M. Schatzl
>>oh, like putting it in the gecos field? that'd be kinda cool.

I like that idea.. But what are you doing if you want to transfer your crypted dir to another machine? Will be definitely harder to squeeze the bits out of the gecos. And you probably get a high probability of funny terminal behaving

Re: disk encryption on login

2005-12-01 Thread Tobias Ulmer
On Thu, Dec 01, 2005 at 10:07:28PM +0100, Alexander Farber wrote:
> On 12/1/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
> > he is saying use a random key for the disk. and encrypt this key with your
> > password. so changing your account password you just have to re-encrypt
> > the disk key.

Re: disk encryption on login

2005-12-01 Thread dreamwvr
>On 12/1/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
>> he is saying use a random key for the disk. and encrypt this key with your
>+password. so changing your account password you just have to re-encrypt the
>+disk key.
>
>oh, like putting it in the gecos field? that'd be kinda cool.

Yes

Re: disk encryption on login

2005-12-01 Thread Alexander Farber
On 12/1/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
> he is saying use a random key for the disk. and encrypt this key with your
> password. so changing your account password you just have to re-encrypt the
> disk key.

Where will that random disk key be kept? And isn't user password encryp

Re: disk encryption on login

2005-12-01 Thread aktivists
> >I thought about a way of de-/encrypting home-directories transparently to
> >users. I've got a vague idea how to realize this in a reasonable way:

Excally I would like to see it in way, that when OpenBSD boots up, you must enter encryption password, and then everything mounts etc. Of course th

Re: disk encryption on login

2005-12-01 Thread Ted Unangst
On 12/1/05, Zachery Hostens <[EMAIL PROTECTED]> wrote:
> he is saying use a random key for the disk. and encrypt this key with your
> password. so changing your account password you just have to re-encrypt the
> disk key.

oh, like putting it in the gecos field? that'd be kinda cool.

Re: disk encryption on login

2005-12-01 Thread Zachery Hostens
he is saying use a random key for the disk. and encrypt this key with your password. so changing your account password you just have to re-encrypt the disk key. kind of like your passwd protected gpg private key.

- Zac

On Thu, 1 Dec 2005 11:14:59 -0800, Ted Unangst <[EMAIL PROTECTED]> wrote

Re: disk encryption on login

2005-12-01 Thread Ted Unangst
On 12/1/05, dreamwvr <[EMAIL PROTECTED]> wrote:
> >I thought about a way of de-/encrypting home-directories transparently to
> >users. I've got a vague idea how to realize this in a reasonable way:
> >
> >* Generate a key, associate it with a new svnd-image, prepare the image
> >* Encrypt the

Re: disk encryption on login

2005-12-01 Thread dreamwvr
>I thought about a way of de-/encrypting home-directories transparently to
>users. I've got a vague idea how to realize this in a reasonable way:
>
>* Generate a key, associate it with a new svnd-image, prepare the image
>* Encrypt the key with the users login password, store it in /home
>* On log

Re: disk encryption on login

2005-12-01 Thread Alexander Farber
On 12/1/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> As for some time, the size limit was on
> 8,2G, but according to a documentation that was posted at undeadly.org,
> this limitation doesn't exist anymore. I haven't verified it myself,
> though.

A 140 gig file seems to work fine here: gat

Re: disk encryption on login

2005-12-01 Thread wtf
> a. what is svnd? (srry :x)

The Vnode disk driver. See man vnd.

> 2. what fs is mountable and dynamic in size?
> you're suggesting mounting each separate users home on login, though this
> would (based on all of my knowledge of current filesystems) that it
> would have to be of a static size.

Re: disk encryption on login

2005-11-30 Thread Zachery Hostens
few kinks and one question.

a. what is svnd? (srry :x)

2. what fs is mountable and dynamic in size?
you're suggesting mounting each separate users home on login, though this would (based on all of my knowledge of current filesystems) that it would have to be of a static size. for quotas this

Re: disk encryption on login

2005-11-30 Thread Sean Comeau
On Thu, Dec 01, 2005 at 01:48:12AM +0100, [EMAIL PROTECTED] wrote:
> Hi guys,
>
> I thought about a way of de-/encrypting home-directories transparently to
> users. I've got a vague idea how to realize this in a reasonable way:
>
> * Generate a key, associate it with a new svnd-image, prepare the

disk encryption on login

2005-11-30 Thread wtf
Hi guys,

I thought about a way of de-/encrypting home-directories transparently to users. I've got a vague idea how to realize this in a reasonable way:

* Generate a key, associate it with a new svnd-image, prepare the image
* Encrypt the key with the users login password, store it in /home
* On