On 06/15/2012 09:39 AM, Aaron Zauner wrote:
AFAIK you'd need something similary to initrd (http://en.wikipedia.org/wiki/Initrd), which, to the best of my knowledge, does not currently exist in freebsd.
Even that leaves the initrd (and /boot) unencrypted (as in Linux). The Windowsy ones I've seen appear to load the decryption driver right out of the MBR and work from there. I haven't done detailed investigation on it, but I think TrueCrypt does work this way and is FOSS (although with their own license that requires attribution and whatnot).
http://www.truecrypt.org/legal/license -- Matt Piechota _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
