On 2017-02-06, Tinker wrote:
> How use a HDD as crypto softraid root filesystem media, but put boot
> code and cryto softraid keydisk partition (and perhaps /boot file and/or
> kernel) on an USB disk?
Create a bootable OpenBSD area with two OpenBSD partitions on the
USB
On 2017-02-06, Tinker wrote:
> The following is for AMD64 though I'd guess that a similar approach
> would be possible on other platforms also.
>
> The boot sequence with MBR is:
>
> MBR: Load PBR (unencrypted)
>
> PBR: Load /boot (encrypted)
/boot is not
Perhaps I should point out that the only reason I suggested installing
OpenBSD on the stick here was for recovery purposes, and for installing
the boot loader.
The boot loader allows you to select the HDD you have at the start. So
edit /etc/boot.conf *on the stick* as follows:
boot sr0a:/bsd
On 2017-02-06 08:40, bytevolc...@safe-mail.net wrote:
Perhaps I should point out that the only reason I suggested installing
OpenBSD on the stick here was for recovery purposes, and for installing
the boot loader.
The boot loader allows you to select the HDD you have at the start. So
edit
Bytevolcano,
Maybe I have a more effective solution at hand, what do you think about
this:
The following is for AMD64 though I'd guess that a similar approach
would be possible on other platforms also.
The boot sequence with MBR is:
MBR: Load PBR (unencrypted)
PBR: Load /boot
There is still an elephant in the room.
What if someone has physical access to your machine's USB ports, and
decides to boot something nasty from it, which in turn modifies the
firmware in your system (very likely to be possible due to stupid
"consumer-grade" junk like UEFI or OS-flashable BIOS
Bump! Again:
How use a HDD as crypto softraid root filesystem media, but put boot
code and cryto softraid keydisk partition (and perhaps /boot file and/or
kernel) on an USB disk?
Thanks,
Tinker
On 2017-02-02 10:27, Tinker wrote:
Hi!
I would like to have my system set up as follows:
* My
On 2017-02-02 10:27, Tinker wrote:
..
My motivation here for wanting the boot code on the USB stick, is that
I trust the USB stick more than my harddrive.
Motivation:
What I meant to say here is that I like the notion of the harddrive as
unsecure by definition, so that I only will trust its
Hi!
I would like to have my system set up as follows:
* My USB memory card contains the boot code (MBR etc.) and the softraid
crypto keydisk partition.
And maybe the kernel.
* My HDD contains the root filesystem in a crypto softraid. (And no
boot code!)
How do I make this so?
The
9 matches
Mail list logo