OpenBSD Journal

OpenBSD Encrypted Virtual Filesystem Mini-HOWTO

Contributed by jose on from the you-can't-see-my-bits dept.

Kyle Amon writes :
"Since there did not seem to be much info around about using encrypted virtual filesystems with OpenBSD, I started up the following... OpenBSD Encrypted Virtual Filesystem Mini-HOWTO. Maybe someone will find something useful in it."
Sometimes you just don't want to have anyone else see your data, and this provides a convenient way to keep it private.


  1. By Anonymous Coward () on

    this is still a kludge at best. It doesn't make me think that it is ready for real production use, like the rest of OpenBSD. OpenBSD's motto is "encryption everywhere". That is a great motto and OpenBSD should apply it. That means encryption should be built straight into the regular FS code. We don't need to go through any kind of loopback device for encrypted swap, right? It should be no different for regular file systems. Also, this would solve the problems of corruption on an unclean shutdown. If you need to keep a database of financial transactions encrypted, and it got corrupted, this could be a big problem.

    OpenBSD also has tcfs, which has been unchanged, and marked "experimental", for two years. So now OpenBSD has two not-ready-for-prime-time encrypted FSes.

    To me this is a shame because OpenBSD is "encryption everywhere", high security, and top quality, and yet here we have an area where encryption isn't used in a quality way.

    Even sadder, both Mandrake Linux and Windows XP ship with good, solid implementations of FS crypto. How can those two be ahead of OpenBSD in anything related to security???

    1. By Gioffreus () on

      some prob with your mail system?
      550 5.1.1 ... User unknown

      anyway, perhaps a small correction to clarify a bit better...

      > Once the foregoing is done, the partition/s of the cryptfile virtual
      > disk can be mounted for use like any normal filesystem. The password
      > will have to be provided, of course, upon each mount attempt in order
      > to successfully make the mount.

      i believe this could possibly confuse someone who has never done this
      before. a person *might* think mount(8) would be asking for the key
      when in fact the only time "encryption key" needs to be provided is
      when a person does `vnconfig -k ...' the first time AND thereafter.

      for example, you can do a `umount ...' then a `mount ...' without
      providing the "encryption key" again. only *after* you have done a
      `vnconfig -u /dev/svnd0c' will you subsequently have to provide the
      key in order to use it again.
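
The lifecycle described in the comment above, as an added example that is not part of the original thread or the HOWTO: the key is requested only by `vnconfig -k`, so locking the data means unmounting and then running `vnconfig -u`. The image path, mount point, function names and the `vnconfig -k` argument order are assumptions.

```shell
#!/bin/sh
# Added example, not from the HOWTO or the thread. Device, image path,
# mount point and function names are assumptions for illustration.
EVFS_DEV=${EVFS_DEV:-/dev/svnd0c}       # device named in the comment above
EVFS_PART=${EVFS_PART:-$EVFS_DEV}       # partition to mount (assumed the same)
EVFS_IMG=${EVFS_IMG:-/crypto/cryptfile} # hypothetical image file
EVFS_MNT=${EVFS_MNT:-/mnt/crypt}        # hypothetical mount point

# Unlock: vnconfig -k is the only step that prompts for the encryption key.
evfs_unlock() {
    vnconfig -k "$EVFS_DEV" "$EVFS_IMG" || return 1
    if ! mount "$EVFS_PART" "$EVFS_MNT"; then
        # Mount failed: do not leave a keyed device configured.
        vnconfig -u "$EVFS_DEV"
        return 1
    fi
}

# Lock: umount by itself leaves the key attached to the device, so a later
# plain mount works with no prompt. vnconfig -u is what discards it.
evfs_lock() {
    if mount | grep -qF " on $EVFS_MNT "; then
        # Still mounted: unmount first, and stop if the filesystem is busy.
        umount "$EVFS_MNT" || return 1
    fi
    vnconfig -u "$EVFS_DEV"
}
```

Source the file and call `evfs_unlock` before use and `evfs_lock` when stepping away; a bare `umount` is not a lock.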

      1. By Gioffreus () on

        oops, i replied to the wrong post! sorry...
        should be under top level *not* in reply to: "Re: Good to see this being addressed, but..."

        sorry again
        call me monkey =)

      2. By Kyle Amon () on

        Thanks. Indeed you are correct about this subtle
        point. My bad. I will clarify this point asap.
        Today or tomorrow.

        -- Kyle

        P.S. And, actually, there is nothing really wrong
        with my mail server other than the fact that I
        left it half upgraded from OBSD 3.0 to 3.1 this
        morning and then went to sleep. :-) I'm finishing
        the upgrade now though so it will start working
        again soon. Sorry.

    2. By Anonymous Coward () on

      At the moment I'm using TCFS on my OpenBSD workstation. It works quite fine.
      I'd like to see Rubberhose ported to OpenBSD. There already is a port to {Net,Free}BSD. The ideas behind Rubberhose are way cool.

      1. By Gioffreus () on

        > ... TCFS on my OpenBSD workstation

        do you mean as in mount_tcfs(8) ? hmmm, i might have to give it a go...

      2. By Anonymous Coward () on

        Rubberhose, tcfs, and full FS crypto are all countermeasures to different, but related attacks. I agree, OpenBSD can only benefit from having these security options.

        TCFS is ok for some things, but in my mind, there is still no excuse for not being able to do mount -k.

  2. By pixelfairy () on mailto:pixel[shitft +2] [not photoshop] org(y)

    this works nicely for /home as of 2.9 (save for space limitations) but of course, you have to be even more careful with backups since the file system can be so easily damaged. great for laptops.

