|
OpenBSD Security Functionally paranoid! |
|
Thread Tools | Display Modes |
|
|||
How to set an on-boot passphrase ?
Hi !
Is it possible to set a boot passphrase wether the system is wd* of sd* ? Much thanks. |
|
|||
Explain.
|
|
|||
Like in Debian for instance , one can set a passphrase before they can resume booting into the system ..for both IDE/ATA or SCSI
|
|
|||
Quote:
While most BIOS'es today will allow some control over what boot device will allowed, the implementation of password protection at the BIOS level is generally not sophisticated -- either the password provided matches what is stored or it does not. If you are wanting control over what device or operating system is booted, what you are ultimately searching for is a boot manager, but these are frequently limited to choosing which operating system is selected on the boot hard drive. |
|
|||
@jggimi , @ocicat , Thank you very much !!
I'm sorry for the bad articulation & the typo .. I have several OpenBSD boxes .. some are SATA disks and some are just flash sticks .. at times I change disks (for the same laptop) .. they are not encrypted nor have passphrases .. what I was asking about : a way to set a passphrase to use at the initial boot phase.I would hope the passphrase would still be asked for when trying to boot the respective disk using another machine (other laptop/server) .. Then would using that passphrased disk -this time not as a boot OS but as an sd** - be mountable without having to supply a passphrase ? if yes then how would I force using a passphrase ? (I want to prevent intruders from booting/mounting my disks .. yet +security when physical security is gone :-) ) |
|
|||
Quote:
|
|
|||
bioctl needs a fresh and clean drive right ? which is not my the case.
|
|
|||
The information on your disks will be there regardless if you have some weird boot-password or not. So if you lose physical security, you lose everything that is on those disks.
Like already has been mentioned, you need to look into bioctl -C. |
|
||||
On this netbook, I have /home encrypted. The fstab(8) entry has both "noauto" and 0 for fs_passno.
Code:
3f76e758fbb26404.a /home ffs rw,nodev,nosuid,softdep,noauto 1 0 Code:
# mount /home until bioctl -c C -l /dev/sd0g softraid0; do done fsck -p /home mount /home Last edited by jggimi; 16th September 2012 at 12:27 PM. Reason: clarity |
|
|||
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Where's boot? | Senjogahara | NetBSD Installation and Upgrading | 7 | 16th October 2010 10:26 PM |
Silent Boot | arch | FreeBSD General | 3 | 15th November 2008 07:00 PM |
XP won't boot | PatrickBaer | FreeBSD General | 5 | 3rd October 2008 12:45 PM |
dual boot | buba | OpenBSD General | 2 | 5th August 2008 11:32 AM |
Dual-boot laptop won't boot OpenBSD after upgrade to 4.3 | kbeaucha | OpenBSD Installation and Upgrading | 17 | 30th May 2008 02:40 PM |