Passphraseless Disk Encryption Options?
Igor Mozolevsky
igor at hybrid-lab.co.uk
Tue Sep 8 18:27:45 UTC 2015
On 8 September 2015 at 19:14, Li, Xiao <xaol at amazon.com> wrote:
> Hi Igor,
>
> Thanks for the suggestion! I¹m trying to achieve that the data could only
> be accessed in a trusted booted system and cannot be decrypted when the
> startup disk is a cold storage device. Something like FileVault on Mac OS
> X (https://support.apple.com/en-us/HT204837).
Please read Apple's blurb- your logging in unlocks the FileVault; if you
forget your login password (and you haven't set up password recovery) you
data is just a source of entropy. I suspect what they did was that their
uefi loader logs you in and decrypts the drive.
--
Igor M.
More information about the freebsd-hackers
mailing list