On Fri, Jun 15, 2012 at 04:22:18PM -0400, Robert Simmons wrote: > On Fri, Jun 15, 2012 at 5:31 AM, Alaksiej Carniajeu <[email protected]> wrote: > > Hi, > > > > It's not possible. But, you could have your /boot on a bootable > > usbstick, together with some keyfiles, and start from it. From > > security point of view, it is even better, than the whole drive > > encryption TrueCrypt offers, because the former relies on password > > only. > > This is what I thought. Now, if I wanted to add this functionality, I > would need to modify: > /head/sys/boot/i386/pmbr/pmbr.s > and > /head/sys/boot/i386/gptboot/gptboot.c
I'd leave pmbr.s alone, it is definiately too early to play with decryption. You need to modify gptboot and loader for UFS or gptzfsboot and zfsloader for ZFS. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl
pgpd54F1YEFCu.pgp
Description: PGP signature
