发件人: owner-m...@openbsd.org 代表 Shadrock Uhuru
发送时间: 2023年11月28日 09:23
收件人: openbsd
主题: Re: a couple question about my fde setup
>>From: Nick Holland
>>To: misc@openbsd.org
>>Date: Mon, 20 Nov 2023 07:47:40 -0500
>>Subject: Re: a couple question about
inaccessible.
Neither the OpenBSD disk FAQ nor the man pages for softraid(4) or
bioctl(8) have anything to say about the matter. Web searches also
turn up no relevant information.
Thanks,
Nathan Carruth
Thank you for the response.
I am with you 100% on backups. My real question was, How
does one backup crypto volume metadata? Given that
it can be backed up, clearly it should be, but there is no
information in any of the cited documentation as to where
the metadata is or how to back it up.
Thanks
ile I agree with you that there are
definite security risks in backing up such metadata, surely
the decision as to what to do ought to be left to the end user,
rather than being enforced by lack of documentation?
Thanks!
Nathan
On 1/2/23 23:54, Nathan Carruth wrote:
> Thank you for the response
Thank you for your response.
To clarify: I am not asking about backups proper
(though I appreciate the suggestions). My only
question is how to make a copy of the crypto metadata.
On 2023-01-03, Nathan Carruth wrote:
> I am with you 100% on backups. My real question was, How
> does one
there aren’t any standard tools for doing any
of this? If there is, it is probably all I need.
On Thu, Jan 05, 2023 at 05:13:05AM +, Nathan Carruth wrote:
> I presume that OpenBSD also writes on-disk metadata of the
> same sort somewhere. Where?
Look at /usr/src/sys/dev/softraidvar.h
> On 2023-01-05, Nathan Carruth wrote:
>> Thank you for your response.
>>
>> To clarify: I am not asking about backups proper
>> (though I appreciate the suggestions). My only
>> question is how to make a copy of the crypto metadata.
>
>dd the start of t
None of those issues are of the form “a hundred bad bytes will
permanently and irrevocably destroy all data on your entire disk”.
Unless I am mistaken, crypto header corruption is.
On Jan 05 22:22:44, n.carr...@alum.utoronto.ca wrote:
> Given that one of the goals of the OpenBSD project is to pr
stay secure,
Nathan
>Nathan Carruth writes:
>> permanently and irrevocably destroy all data on your entire disk”.
>
>This is a feature. More so, it's the very point in an encrypted
>filesystem. If you haven't planned for this failure scenario then
>what are you doing
>On Sat, Jan 07, 2023 at 02:33:31PM +0000, Nathan Carruth wrote:
>>The way I see it, this depends on one's use case.
>>There certainly are cases where it is important to be able
>>to irrevocably destroy all data in an instant. But there are
>>also use cases where
10 matches
Mail list logo
