Re: entering geli passphrase only once at FreeBSD boot

From: Mehmet Erol Sanliturk <m.e.sanliturk_at_gmail.com>
Date: Sun, 09 Jan 2022 13:07:12 UTC
On Sun, Jan 9, 2022 at 1:25 PM Steve O'Hara-Smith <steve@sohara.org> wrote:

> On Sun, 9 Jan 2022 10:00:51 +0000
> Taceant Omnes <taceant@gmail.com> wrote:
>
> > Is there a way to enter the passphrase only once in FreeBSD that does
> > not involve storing it in a file?
>
>         My solution was to log in after boot and run a script - less than
> elegant but possible to do remotely if I was away during a power outage
> (happened once). I've since given up on using encrypted drives, after a
> scare when one drive became inaccessible after an outage due to geli
> errors.
>
>         Another option would be to run something in rc.local that disables
> getty on the console and uses /dev/ttyv0 directly which forces it to be
> done by someone with physical access. A very flashy (pun intended) option
> would be to put the key on a USB stick and do some devd magic to spot it
> and do the necessary before talking out of the speaker.
>
> --
> Steve O'Hara-Smith <steve@sohara.org>
>



My idea is to use  square barcode for such requirements with a square
barcode
reader . Up to now I could not find an opportunity to do it .

There are programs to draw a square barcode from a given character string
and
printing it is possible . I am not a user of new generation cell phones ,
but I
think it may be possible to use a cell phone to generate , store and show
the square
barcode to the required square barcode reader .  If the square barcode name
is not self-revealing , it is likely that no one will be able to understand
what it is about .

Perhaps there are other possibilities for such an approach ?

Just an alternative idea ...



With my best regards ,



Mehmet Erol Sanliturk