Re: Getting GELI Keys from Floppy

[Matt Piechota]

On Thu, 7 Sep 2006, Frank Steinborn wrote:


I could use /dev/fd0 directly but then I had to use the same key for
all 6 HDD's in the server. I got a solution by hacking /etc/rc.d/geli
- I'm just mounting the floppy there before it tries to read the key.


You could read different parts of the floppy for different keys.

Speaking of which, do the keys have any identifiable strings in them?  If 
not, you could fill the floppy with random garbage and 'hide' the key. 
I'm assuming since you don't want a password you don't want the boot to 
require interaction so it's not that useful, but if nothing else it would 
help if someone got access to the floppy (remotely or by physical access).


--
Matt Piechota
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re:

[Matt Piechota]

On Tue, 12 Nov 2002, dima wrote:

> > cc: Internal compiler error: program cc1 got fatal signal 11
> > *** Error code 1
> it was a well known hardware stress-test several years ago; i mean
> running gcc on large chunks of code. signal 11 points @ hardware probs,
> usually the RAM ones.

I had a system htat was doing that: an AMD K6-2 that turning off APM in
the kernel and BIOS seemed to fix.

-- 
Matt Piechota


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message