Automatic unencryption using /etc/fstab
Alexandre Leonenko
alex at esecuredata.com
Mon Mar 11 08:53:01 UTC 2019
Thanks!
________________________________
From: Polytropon <freebsd at edvax.de>
Sent: Monday, March 11, 2019 1:40:20 AM
To: Alexandre Leonenko
Cc: freebsd-questions at freebsd.org
Subject: Re: Automatic unencryption using /etc/fstab
On Mon, 11 Mar 2019 08:20:46 +0000, Alexandre Leonenko wrote:
> Is it possible to use /etc/fstab to point to encryption key file
> to unencrypt a second drive on boot up?
>
> The idea that / root is already encrypted and the file will be
> as well. I want to avoid entering passwords multiple time for
> few different drives.
>
> I know Linux can already do that with the LUKS encryption and
> was wondering if same thing is possible on FreeBSD.
I think FreeBSD supports this approach natively for decades now.
Check "18.12.2. Disk Encryption with geli" in The FreeBSD Handbook:
https://people.freebsd.org/~rodrigc/doc/handbook/disks-encrypting.html
It is possible to use a key file without a passphrase and use it
in an automatic decrypt + mount scenario, but be aware of the
security implications. ;-)
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list