[nycbug-talk] encrypt home space

G T unixenigma
Fri Dec 10 13:03:33 EST 2004 

I could be wrong but I did try 2 different approaches
one was cfs, second was vnode.
I found that  CFS supports DES which is insecure
because the key is to short, 3DES which can be 
considered secure but is painfully slow. DES is 56bit
and 3DES is slow but 168bit however it is effectively 
providing security only of 112 Bit encryption. You can

implement Blowfish I think - never tried it though but
read that it does have problems.
Vnode is very fast and I think is reliable - however
it 
is more work and there is a problem during systems 
crashes, fdisk cant check the drive for errors or
something I forgot, but there is plenty information on

the topic.
Hope I wasn't completely off the topic :)
Thanks
Sincerely,
GT
--- michael <lists at genoverly.net> wrote:

> Talk,
> 
> I wanted to create an encrypted home and swap space
> on my laptop.  In
> case it is ever lifted... you know.   I have FreeBSD
> on my laptop.  
> 
> I started by revisiting Roland Dowdeswell: NetBSD
> crypto disk.
> http://nycbug.org/index.php?NAV=Home&SUBM=20 
> 
> I found cfs in ports:
>
http://www.freebsd.org/cgi/url.cgi?ports/security/cfs/pkg-descr
> 
> then checked Dan's diary and found an article from
> many years ago:
> http://www.freebsddiary.org/encrypted-fs.php
> 
> There is also an article for little usb thumb
> drives:
> http://bsdnews.org/03/cryptusb.php
> 
> The Handbook has a chapter on gbde:
>
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html
> "Unlike cumbersome encryption methods that encrypt
> only individual
> files, gbde transparently encrypts entire file
> systems. No cleartext
> ever touches the hard drive's platter."
> 
> I really liked Roland's talk.  I may be wrong but,
> cgd seems NetBSD
> specific. Because of that, I'm leaning toward gbde.
> Has anyone tried
> something similar to what I'm talking about? 
> 
> Michael
> 
> -- 
> ---
> _______________________________________________
> % NYC*BUG talk mailing list
> http://lists.nycbug.org/mailman/listinfo/talk
> %Be sure to check out our Jobs and NYCBUG-announce
> lists
> %We meet the first Wednesday of the month
> 



		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250

More information about the talk mailing list