Ted Unangst wrote:
On 7/19/08, Chris Kuethe <[EMAIL PROTECTED]> wrote:
- svnd backed by a whole slice on disk
I know some people have done this, but the code doesn't like it. I'd
stick with normal files.
I have done file, partition, and whole disk; each one gets progressively
s
On Sun, 20 Jul 2008, Aaron Stellman wrote:
> Now, on boot, the softraid0 doesn't attach itself to sd0n, perhaps not
> implemented yet? I was wondering if there were any plans to create
> support for crypto devices so that they could be mounted on boot as
> specified in fstab(5).
Yes, but someone
On Sun, Jul 20, 2008 at 12:22:24PM -0700, Aaron Stellman wrote:
> On Sat, Jul 19, 2008 at 11:58:11AM -0500, Marco Peereboom wrote:
> > This might be a good time to try my giant softraid diff that makes
> > crypto useful.
> >
> Hello Marco,
>
> Greatly appreciate your work on softraid(4). I've dec
On Sat, Jul 19, 2008 at 11:58:11AM -0500, Marco Peereboom wrote:
> This might be a good time to try my giant softraid diff that makes
> crypto useful.
>
Hello Marco,
Greatly appreciate your work on softraid(4). I've decided to play around
with Crypto discipline w/ softraid, created 60GB partition
On 7/20/08, Chris Kuethe <[EMAIL PROTECTED]> wrote:
> wrong. if you write just one sector at the end, yes, you'll create a
> sparse file. "dd if=/dev/zero of=image.bin bs=64k" will actually write
> to each and every one of those sectors.
until you cp or tar it. :)
On 7/20/08, Tobias Ulmer <[EMAIL PROTECTED]> wrote:
> Afaik there are (can be?) collisions in images bigger than ~40GB because
> of blowfishs block size.
Right. Unfortunately, the only online reference I could find
indicating the significance of this is wikipedia's talk (!) page for
birthday att
On Sun, Jul 20, 2008 at 3:00 AM, Jonathan Thornburg
<[EMAIL PROTECTED]> wrote:
> ... In contrast, an
>initially-zeroed imagefile would be sparse, with most blocks not
>actually allocated, so I'd need the freespace reserve to make
>imagefile block allocation reasonably fast & vaguely-con
I'd like to publicly thank all those who are contributing to this
thread -- the discussion is very informative.
I suggested initially creating the imagefile with
[5] # dd if=/dev/arandom bs=1m of=/mnt/imagefile count=...
Several people have commented on this from the perspective of
cryptographic
On Sun, Jul 20, 2008 at 12:44:04AM -0400, Ted Unangst wrote:
> On 7/19/08, Tobias Ulmer <[EMAIL PROTECTED]> wrote:
> > > [4] # mount -o softdep /dev/sd0a /mnt
> > > [5] # dd if=/dev/arandom bs=1m of=/mnt/imagefile count=...
> >
> >
> > prepare to wait a few days... there is known plaintext at spe
On 7/19/08, Tobias Ulmer <[EMAIL PROTECTED]> wrote:
> > [4] # mount -o softdep /dev/sd0a /mnt
> > [5] # dd if=/dev/arandom bs=1m of=/mnt/imagefile count=...
>
>
> prepare to wait a few days... there is known plaintext at specific
> locations anyway, disklabel, filesystem metadata,...
very littl
On 7/19/08, Chris Kuethe <[EMAIL PROTECTED]> wrote:
> - svnd backed by a whole slice on disk
I know some people have done this, but the code doesn't like it. I'd
stick with normal files.
On Sat, Jul 19, 2008 at 05:04:44PM +0100, Jonathan Thornburg wrote:
> My laptop (Thinkpad T41p) and I are going to be doing a lot of
> travelling in the next year, so I'm investigating how to
> (cryptographically) improve my security in case of loss/theft/seizure.
> Right now I use cfs (ports) for
If you have some time and a spare disk, why not experiment with the 3
or 4 options available to you before settling on one.
- cfs
- svnd backed by a file in a filesystem
- svnd backed by a whole slice on disk
- softraid w/ crypto
softraid w/ crypto is still kind of a work in progress, but it's ver
This might be a good time to try my giant softraid diff that makes
crypto useful.
On Sat, Jul 19, 2008 at 05:04:44PM +0100, Jonathan Thornburg wrote:
> My laptop (Thinkpad T41p) and I are going to be doing a lot of
> travelling in the next year, so I'm investigating how to
> (cryptographically) im
My laptop (Thinkpad T41p) and I are going to be doing a lot of
travelling in the next year, so I'm investigating how to
(cryptographically) improve my security in case of loss/theft/seizure.
Right now I use cfs (ports) for a few "sensitive" subdirectories, but
95+% of my /home is still cleartext to
15 matches
Mail list logo
