View Single Post
  #1   (View Single Post)  
Old 25th December 2014
22decembre 22decembre is offline
Port Guard
 
Join Date: Dec 2014
Posts: 42
Default whole disk encryption

I recently bought a small netbook. It works quite fine under openbsd.

Code:
$ uname -a
OpenBSD musen.22decembre.eu 5.6 GENERIC.MP#299 i386
$ sysctl kern                                                                  
kern.ostype=OpenBSD
kern.osrelease=5.6
kern.osrevision=201411
kern.version=OpenBSD 5.6 (GENERIC.MP) #299: Fri Aug  8 00:10:33 MDT 2014
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
At first I wanted to install on an encrypted disk. I could not manage it. So I finished the install in normal mode.

I just succeed in setting an encrypted partition.

Here is the disklabel of the physical disk :

Code:
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: WDC WD800BEVS-00
duid: 39ac47a59a78a464
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 9729
total sectors: 156301488
boundstart: 64
boundend: 156296385
drivedata: 0

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  a:          2097152               64  4.2BSD   2048 16384    1 # /
  b:          2599424          2097216    swap                   # none
  c:        156301488                0  unused
  e:         12538880         13085248  4.2BSD   2048 16384    1 # /var
  f:          4194304         25624128  4.2BSD   2048 16384    1 # /usr
  h:         10488640         29818432  4.2BSD   2048 16384    1 # /home
  i:         20964838         40307072    RAID
I can decrypt the encrypted part :

Code:
# bioctl -c C -l /dev/sd0i softraid0
Passphrase: 
softraid0: CRYPTO volume attached as sd2
Here is the disklabel of the encrypted part :

Code:
# /dev/rsd2c:
type: SCSI
disk: SCSI disk
label: SR CRYPTO
duid: a751c8ec1c6976ed
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 1304
total sectors: 20964310
boundstart: 64
boundend: 20948760
drivedata: 0

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  c:         20964310                0  unused
  d:         20948672               64  4.2BSD   2048 16384    1
... and when I try to mount the part d with a ffs, using either sd2d or the duid :

Code:
# mount a751c8ec1c6976ed.d /mnt/target/                                                            
mount_ffs: a751c8ec1c6976ed.d on /mnt/target: Invalid argument
I aim at mounting the whole system, copy it into the new encrypted partition and setup the boot after. But I can't copy it currently.

What do I do wrong ?

Thank you for your answer and merry christmas, happy new year...

Last edited by ocicat; 5th January 2015 at 03:29 PM. Reason: Edited out profanity -- forbidden in the forum rules.
Reply With Quote