Chicken and egg, encrypted root FS on remote server
Paul Schenkeveld
freebsd at psconsult.nl
Wed Feb 20 07:47:02 UTC 2013
On Wed, Feb 20, 2013 at 02:42:57AM -0500, Jason Hellenthal wrote:
> Just a thought with no working example but…
>
> bootp / tftp - from a remote secured management frame to TX a key filesytem to unlock your rootfs.
>
> Could be something as simple as a remote wireless adhoc server with a 64GB thumbdrive to hold your data or just enough to tell the system where to get it.
>
> Considering a key can be any length string of a sort just to say but... Serve the rootfs key directly from a TXT out of a secured DNS zone only visible to so said machines.
Thank you but manual entry of the passprase is a prerequisite here so
serving the key automatically is not an option.
With kind regards,
Paul Schenkeveld
More information about the freebsd-hackers
mailing list