DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 25th December 2014
22decembre 22decembre is offline
Port Guard
 
Join Date: Dec 2014
Posts: 42
Default whole disk encryption

I recently bought a small netbook. It works quite fine under openbsd.

Code:
$ uname -a
OpenBSD musen.22decembre.eu 5.6 GENERIC.MP#299 i386
$ sysctl kern                                                                  
kern.ostype=OpenBSD
kern.osrelease=5.6
kern.osrevision=201411
kern.version=OpenBSD 5.6 (GENERIC.MP) #299: Fri Aug  8 00:10:33 MDT 2014
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
At first I wanted to install on an encrypted disk. I could not manage it. So I finished the install in normal mode.

I just succeed in setting an encrypted partition.

Here is the disklabel of the physical disk :

Code:
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: WDC WD800BEVS-00
duid: 39ac47a59a78a464
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 9729
total sectors: 156301488
boundstart: 64
boundend: 156296385
drivedata: 0

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  a:          2097152               64  4.2BSD   2048 16384    1 # /
  b:          2599424          2097216    swap                   # none
  c:        156301488                0  unused
  e:         12538880         13085248  4.2BSD   2048 16384    1 # /var
  f:          4194304         25624128  4.2BSD   2048 16384    1 # /usr
  h:         10488640         29818432  4.2BSD   2048 16384    1 # /home
  i:         20964838         40307072    RAID
I can decrypt the encrypted part :

Code:
# bioctl -c C -l /dev/sd0i softraid0
Passphrase: 
softraid0: CRYPTO volume attached as sd2
Here is the disklabel of the encrypted part :

Code:
# /dev/rsd2c:
type: SCSI
disk: SCSI disk
label: SR CRYPTO
duid: a751c8ec1c6976ed
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 1304
total sectors: 20964310
boundstart: 64
boundend: 20948760
drivedata: 0

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  c:         20964310                0  unused
  d:         20948672               64  4.2BSD   2048 16384    1
... and when I try to mount the part d with a ffs, using either sd2d or the duid :

Code:
# mount a751c8ec1c6976ed.d /mnt/target/                                                            
mount_ffs: a751c8ec1c6976ed.d on /mnt/target: Invalid argument
I aim at mounting the whole system, copy it into the new encrypted partition and setup the boot after. But I can't copy it currently.

What do I do wrong ?

Thank you for your answer and merry christmas, happy new year...

Last edited by ocicat; 5th January 2015 at 03:29 PM. Reason: Edited out profanity -- forbidden in the forum rules.
Reply With Quote
 

Tags
crypto, softraid0

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Reliability concerns on full disk encryption virtuvoos OpenBSD Security 4 31st October 2013 11:06 PM
FreeNAS 8.3.1 introduces full disk ZFS encryption J65nko News 0 22nd March 2013 02:54 AM
Security: Encryption: Disk Encryption eurovive Other BSD and UNIX/UNIX-like 17 6th March 2010 04:09 AM
Full disk encryption with Loop-AES deviant085 OpenBSD Security 9 23rd November 2009 12:51 AM
Disk geometry for Seagate disk phreud FreeBSD Installation and Upgrading 5 8th November 2008 10:51 PM


All times are GMT. The time now is 11:16 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick