Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

On 2017-02-06, Tinker wrote: > How use a HDD as crypto softraid root filesystem media, but put boot > code and cryto softraid keydisk partition (and perhaps /boot file and/or > kernel) on an USB disk? Create a bootable OpenBSD area with two OpenBSD partitions on the USB

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

On 2017-02-06, Tinker wrote: > The following is for AMD64 though I'd guess that a similar approach > would be possible on other platforms also. > > The boot sequence with MBR is: > > MBR: Load PBR (unencrypted) > > PBR: Load /boot (encrypted) /boot is not

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

Perhaps I should point out that the only reason I suggested installing OpenBSD on the stick here was for recovery purposes, and for installing the boot loader. The boot loader allows you to select the HDD you have at the start. So edit /etc/boot.conf *on the stick* as follows: boot sr0a:/bsd

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

On 2017-02-06 08:40, bytevolc...@safe-mail.net wrote: Perhaps I should point out that the only reason I suggested installing OpenBSD on the stick here was for recovery purposes, and for installing the boot loader. The boot loader allows you to select the HDD you have at the start. So edit

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

Bytevolcano, Maybe I have a more effective solution at hand, what do you think about this: The following is for AMD64 though I'd guess that a similar approach would be possible on other platforms also. The boot sequence with MBR is: MBR: Load PBR (unencrypted) PBR: Load /boot

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

There is still an elephant in the room. What if someone has physical access to your machine's USB ports, and decides to boot something nasty from it, which in turn modifies the firmware in your system (very likely to be possible due to stupid "consumer-grade" junk like UEFI or OS-flashable BIOS

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

Bump! Again: How use a HDD as crypto softraid root filesystem media, but put boot code and cryto softraid keydisk partition (and perhaps /boot file and/or kernel) on an USB disk? Thanks, Tinker On 2017-02-02 10:27, Tinker wrote: Hi! I would like to have my system set up as follows: * My

Re: How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

On 2017-02-02 10:27, Tinker wrote: .. My motivation here for wanting the boot code on the USB stick, is that I trust the USB stick more than my harddrive. Motivation: What I meant to say here is that I like the notion of the harddrive as unsecure by definition, so that I only will trust its

How boot HDD-side crypto softraid from (bootable) USB disk? (AMD64/ARM. Currently installboot fails with "cross-device install"!..)

Hi! I would like to have my system set up as follows: * My USB memory card contains the boot code (MBR etc.) and the softraid crypto keydisk partition. And maybe the kernel. * My HDD contains the root filesystem in a crypto softraid. (And no boot code!) How do I make this so? The