View Single Post
  #4   (View Single Post)  
Old 16th September 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Yes.

At the BIOS level, portable workstations may have security passwords that can be set for the workstation itself. They may not be resettable if lost without a trip to the vendor; check your laptop/netbook BIOS documentation carefully.

Portable drive electronics may also have password protection, the ATA standard calls this "Security Mode" and not all drives have them. These may be set from the BIOS, or, for exampe, from atactl(8). HEED THE WARNINGS in that man page andi n your BIOS manual. There are two levels of password; user and master. Loss of both passwords will mean more than data loss, it will mean loss of the device.
(If I recall correctly, recovery without the user password requires a data security erase, which wipes the drive, and this recovery function requires the master password if one has been set.)
Simple password protection at boot can be performed by multiboot tools, such as GAG. These are easily defeatable by booting another device, or inspecting the boot blocks -- at least with GAG, the passwords are in plaintext.

-------

OpenBSD-specific solutions are also possible, such as encrypting partitions with softraid(4)/bioctl(8) that use keydisks and/or passphrases.
Reply With Quote