On Sun, Nov 23, 2008 at 07:39:37PM +0100, vincent wrote: > Following this old thread (Feb 08) > http://marc.info/?l=openbsd-misc&m=120345491121853&w=2 , > I'm wondering what's the status of booting with root filesystem in > softraid in 4.4 or in -current. It was said by Marco Peereboom in the > same thread that this was planned.
And it is still planned. The folks involved have that thing called life in the way. > > I wanted to test new softraid crypto of OpenBSD for full disk > encryption, but I'm not able to find anything on using initial ramdisks > like Linux can do to mount the encrypted root. Is it possible to get the > softraid online before mounting the root filesystem, or remount it over > then? With linux I do this with an USB drive, and I hope I can do it > with PXE for OpenBSD. You can't find anything because it isn't there yet. > > > Also, just a few questions about the crypto softraid: what's the > encryption method used by default? XTS+AES? Can it be changed? Are there > others? Is it possible to keep the keys out of the drive, like Linux' > loop-aes can do, or do they have to stay, like dm-crypt? AES XTS is the algorithm and no it can't and won't be changeable. The keys are on the drive but are encrypted and are therefore unrecoverable without the password. At some point we will add more functionality to change password and some other things. FWIW, OpenBSD is not "like" Linux and never strives to be.
