DOCSLIB.ORG

GBDE - GEOM Based Disk Encryption

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
GBDE - GEOM Based Disk Encryption GBDE - GEOM Based Disk Encryption Poul-Henning Kamp The FreeBSD Project [email protected] Abstract The everincreasing mobility of computers has made protection of data on digital storage media an important requirement in a number of applications and situations. GBDE is a strong cryptographic facility for denying unau- thorised access to data stored on a ``cold''disk for decades and longer.GBDE operates on the disk(-partition) level allowing anytype of file system or database to be protected. Asignificant focus has been put on the practical aspects in order to makeitpossible to deployGBDE in the real world. 1 1. Losing data left and right mistaken for the plot from a classic Buster Keaton In the last couple of years, gentlemen of the press movie: have repeatedly been able to expose howlaptop com- First a laptop was forgotten and lost in a taxi-cab. puters containing highly sensitive orvery valuable Newpolicy: always drive your own car if you information have been lost to carelessness, theft and in bring your laptop. Then a car was stolen, includ- some cases espionage. [THEREG] ing the laptop in the trunk. Newpolicy: always bring your laptop with you. The next laptop was The scope of the problem is very hard to gauge, since it stolen from a pub while the owner was bowing to is not a subject which the involved persons and, in par- the pressures of nature. Newpolicy: employees ticular,institutions are at all keen on having exposed. are not to carry their own laptops outside the office However, a few data points have been uncovered, at anytime. Laptops will be transported from and revealing that the U.S. Federal Bureau of Investigation to the employees home address by the agencyse- curity force and will be chained and locked to a loses, on average, one laptop every three days. ring in the wall installed by the companyjanitors. [DOJ0227] All requests must be filed 3 days in advance on When a computer is lost, stolen or misplaced, it is very form ##-#. [PRIV] often the case that the computer hardware represents a value which is insignificant compared to the value of the disk contents. More often than not, the only reason 2. Protecting disk contents the press heard about it was that the material on the Protecting the contents of a computer'sdisk can disk was ``hot''enough to makethe loss of control rat- in practice be done in twoways: by physically securing tle people at government level. the disk or by encrypting its contents. While it is easy to blame these incidents on ``user Physical protection is increasingly impossible to imple- error'', as is generally done, doing so makes it a very ment. It used to be that disk drivescould only be hard problem to fix. Human nature being what it is, movedbyforklift, but these days a gigabyte disk is the seems to remain just that. size, but not quite yet the thickness, of a postage stamp. In the absence of technical counter measures, adminis- While computers can be tied down with wires and bars trative measures have been applied, generally with can be put in front of windows, such measures are gen- abysmal results. In one case, a bureaucracyhas han- erally not acceptable, or at least not judged economi- dled the problem according to what could easily be cally justified in anybut the most sensitive operations. That leavesencryption of the disk contents as the only 1 This software was developed for the FreeBSD Project by practical and viable mode of protection, and both the Poul-Henning Kamp and NAI Labs, the Security Research Division practicality and the viability has been somewhat in of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (``CBOSS''), as part of the DARPACHATS re- doubt. search program. Until recently,nearly all aspects of cryptographywere a highly political issue, this has eased a lot in the last couple of years and there now``only''remain a number of rather fundamental questions in the area of law has been subject to both version skew and compatibility enforcement and human rights, which are still unset- problems. tled. With the political issues mostly out of the way,the next 2.3. Disk levelencryption roadblock is practical: While use of cryptographycan Encryption at the disk levelcan protect all data, neverbeentirely transparent, the overhead and work- no matter howtheyare stored, file system, database or load it brings must be reasonable. otherwise. To a user,encryption at the disk levelwould require 2.1. Application levelencryption authentication before the computer can be used, every- Encryption at the application levelhas been thing functioning transparently thereafter,with all disk available for a number of years, primarily in the form content automatically protected. of the PGP [PGP] program. This is about as intrusive Giventhat the programming interface for a disk device and demanding as things can get: the user is explicitly is very simple and practically identical between operat- responsible for doing both encryption and decryption ing systems, there are no technical reasons whythe 2 and must enter the pass-phrase for every operation. same implementation could not be used across several Apart from the inconvenience of this extra workload, operating systems. manyorg anisations would trust their users neither to All in all this is a close to ideal solution from an opera- get this right nor eventowant to get it right. From an tional point of view. institutional point of viewitisimportant that crypto- There are significant implementation issues however. graphic data protection can be made mandatory. In difference from the higher levels, encryption at the disk levelhas no way of knowing a priori which sectors 2.2. Filesystem levelencryption contain data and which sectors do not; neither is knowl- Encryption at the file system levelisatried and edge available about access patterns or relationships acknowledged method of providing protection, but it between individual sectors. suffers from a number of drawbacks, mainly because Where application levelorfile system based encryption no mainstream file systems offer encryption. schemes can key each file individually,adisk based Encrypting file systems are speciality items, which encryption must key each and every sector individually, means increased cost and system administration prob- ev enifitisnot currently used to hold data. lems of all sorts. It has been argued that the encryption ideally should And since practically all operating systems use their happen in the disk-drive,and while there are steps in ownfile system format, cross platform fully functional this direction, theydounfortunately seem to have been file systems are very rare. This means that a typical made for the wrong reasons by the wrong people organisation will have tooperate with a handful of dif- [CPRM], and have consequently not gained acceptance. ferent methods of encryption, which translates to sys- Provided the owner of the computer remains in control tem administration overhead, user confusion and extra of the encryption, I see no reason whyencryption in the effort to pass security and ISO9000 audits. disk drivesshould not gain acceptance in the future. Asecondary,but increasingly important issue is that data which are stored in databases on rawdisk, operat- 3. Whythis is not quite simple ing system paging areas and other such data are not Several implementations have been produced protected by a cryptographic file system. To protect which implement a disk encryption feature by running these would mean adding yet another set of encryption the user provided passphrase through a good quality methods, which leads to a situation which is very hard one-way hash function and used the output as a key to to handle practically and administratively. encrypt all the sectors using a standard block cipher in Finally,file systems have a complexprogramming CBC mode. Aper sector IV for the encryption is typi- interface to the operating system, which traditionally cally derivedfrom the passphrase and sector address using a one-way hash function. Tw o typical examples 2 Interestingly,this is so impractical in real world use that vari- are [CGD] and [LOOPAES]. ous applications with PGP support resort to caching the pass-phrase at the application level, thereby weakening the protection a fair bit. Unfortunately this approach suffers from a number of significant drawbacks, both in terms of cryptographic strength and deployability. available hardware, and is consequently out of the Fordata to stay protected for decades or evenlifetimes, question. sufficient margin must exist not only for technological The third design criterion came from the fact that peo- advances in brute force technology,but also for theoret- ple forget passphrases, and while loosing the entire ical advances in cryptoanalytical attacks on the algo- content of the disk as punishment could be seen as a rithms used. large-calibered educational device, it is not acceptable Protecting a modern disk, typically having a fewhun- from a real world perspective:there must be some kind dred millions of sectors, with the same single 128 or of multiple access paths. 256 bits of key material offers an incredibly large Giventhat GBDE is open source software, there is little amount of data for statistical, differential or probabilis- more than symbolic value in a hierarchical set of tic attacks in the future. passphrases: changing the source code to bypass the Worse, because the sectors contain file system or data- hierarchycannot trivially be prevented. It is also not base data and meta data which are optimised for speed, clear what the hierarchywould control in the first the plaintext sector data typically have both a high place. Since all sectors are treated the same, it cannot degree of structure and a high predictability,offering be used to implement hierarchical access levels, and ample opportunities for statistical and known plaintext implementing a hierarchywhich only affects the key attacks.
Load more

Recommended publications
  • ストレージの管理: Geom, Ufs, Zfs
    FreeBSD 勉強会 ストレージの管理: GEOM, UFS, ZFS 佐藤 広生 <[email protected]> 東京工業大学/ FreeBSD Project 2012/7/20 2012/7/20 (c) Hiroki Sato 1 / 94 FreeBSD 勉強会 前編 ストレージの管理: GEOM, UFS, ZFS 佐藤 広生 <[email protected]> 東京工業大学/ FreeBSD Project 2012/7/20 2012/7/20 (c) Hiroki Sato 1 / 94 講師紹介 佐藤 広生 <[email protected]> ▶ *BSD関連のプロジェクトで10年くらい色々やってます ▶ カーネル開発・ユーザランド開発・文書翻訳・サーバ提供 などなど ▶ FreeBSD コアチームメンバ(2006 年から 4期目)、 リリースエンジニア (commit 比率は src/ports/doc で 1:1:1くらい) ▶ AsiaBSDCon 主宰 ▶ 技術的なご相談や講演・執筆依頼は [email protected] まで 2012/7/20 (c) Hiroki Sato 2 / 94 お話すること ▶ ストレージ管理 ▶ まずは基礎知識 ▶ GEOMフレームワーク ▶ 構造とコンセプト ▶ 使い方 ▶ ファイルシステム ▶ 原理と技術的詳細を知ろう ▶ UFS の構造 ▶ ZFS の構造(次回) ▶ GEOM, UFS, ZFSの実際の運用と具体例(次回) 2012/7/20 (c) Hiroki Sato 3 / 94 復習:UNIX系OSの記憶装置 記憶装置 ハードウェア カーネル ソフトウェア ユーザランド ユーザランド ユーザランド プロセス プロセス プロセス 2012/7/20 (c) Hiroki Sato 4 / 94 復習:UNIX系OSの記憶装置 HDD カーネル デバイスドライバ GEOMサブシステム /dev/foo (devfs) バッファキャッシュ VMサブシステム physio() ファイルシステム ユーザランドアプリケーション 2012/7/20 (c) Hiroki Sato 5 / 94 復習:UNIX系OSの記憶装置 ▶ 記憶装置はどう見える? ▶ UNIX系OSでは、資源は基本的に「ファイル」 ▶ /dev/ada0 (SATA, SAS HDD) ▶ /dev/da0 (SCSI HDD, USB mass storage class device) ▶ 特殊ファイル(デバイスノード) # ls -al /dev/ada* crw-r----- 1 root operator 0, 75 Jul 19 23:46 /dev/ada0 crw-r----- 1 root operator 0, 77 Jul 19 23:46 /dev/ada1 crw-r----- 1 root operator 0, 79 Jul 19 23:46 /dev/ada1s1 crw-r----- 1 root operator 0, 81 Jul 19 23:46 /dev/ada1s1a crw-r----- 1 root operator 0, 83 Jul 19 23:46 /dev/ada1s1b crw-r----- 1 root operator 0, 85 Jul 19 23:46 /dev/ada1s1d crw-r----- 1 root operator 0, 87 Jul 19 23:46 /dev/ada1s1e crw-r----- 1 root operator 0, 89
    [Show full text]
  • Portace Na Jin´E Os
    VYSOKEU´ CENˇ ´I TECHNICKE´ V BRNEˇ BRNO UNIVERSITY OF TECHNOLOGY FAKULTA INFORMACNˇ ´ICH TECHNOLOGI´I USTAV´ INFORMACNˇ ´ICH SYSTEM´ U˚ FACULTY OF INFORMATION TECHNOLOGY DEPARTMENT OF INFORMATION SYSTEMS REDIRFS - PORTACE NA JINE´ OS PORTING OF REDIRFS ON OTHER OS DIPLOMOVA´ PRACE´ MASTER’S THESIS AUTOR PRACE´ Bc. LUKA´ Sˇ CZERNER AUTHOR VEDOUC´I PRACE´ Ing. TOMA´ Sˇ KASPˇ AREK´ SUPERVISOR BRNO 2010 Abstrakt Tato pr´acepopisuje jak pˇr´ıpravu na portaci, tak samotnou portaci Linuxov´ehomodulu RedirFS na operaˇcn´ısyst´emFreeBSD. Jsou zde pops´any z´akladn´ırozd´ılypˇr´ıstupuk Lin- uxov´emu a FreeBSD j´adru,d´alerozd´ılyv implementaci, pro RedirFS z´asadn´ı,ˇc´astij´adra a sice VFS vrstvy. D´alezkoum´amoˇznostia r˚uzn´epˇr´ıstupy k implementaci funkcionality linuxov´ehoRedirFS na operaˇcn´ımsyst´emu FreeBSD. N´aslednˇejsou zhodnoceny moˇznostia navrˇzenide´aln´ıpostup portace. N´asleduj´ıc´ıkapitoly pak popisuj´ıpoˇzadovanou funkcional- itu spolu s navrhovanou architekturou nov´ehomodulu. D´aleje detailnˇepops´ann´avrha implementace nov´ehomodulu tak, aby mˇelˇcten´aˇrjasnou pˇredstavu jak´ymzp˚usobem modul implementuje poˇzadovanou funkcionalitu. Abstract This thesis describes preparation for porting as well aw porting itself of RedirFS Linux kernel module to FreeBSD. Basic differences between Linux and FreeBSD kernels are de- scribed as well as differences in implementation of the Virtual Filesystem, crucial part for RedirFS. Further there are described possibilities and different approaches to implemen- tation RedirFS functionality to FreeBSD. Then, the possibilities are evaluated and ideal approach is proposed. Next chapters introduces erquired functionality of the new module as well as its solutions. Then the implementation details are describet so the reader can very well understand how the new module works and how the required functionality is implemented into the module.
    [Show full text]
  • ZFS 2018 and Onward
    SEE TEXT ONLY 2018 and Onward BY ALLAN JUDE 2018 is going to be a big year for ZFS RAID-Z Expansion not only FreeBSD, but for OpenZFS • 2018Q4 as well. OpenZFS is the collaboration of developers from IllumOS, FreeBSD, The ability to add an additional disk to an existing RAID-Z VDEV to grow its size with- Linux, Mac OS X, many industry ven- out changing its redundancy level. For dors, and a number of other projects example, a RAID-Z2 consisting of 6 disks to maintain and advance the open- could be expanded to contain 7 disks, source version of Sun’s ZFS filesystem. increasing the available space. This is accomplished by reflowing the data across Improved Pool Import the disks, so as to not change an individual • 2018Q1 block’s offset from the start of the VDEV. The new disk will appear as a new column on the A new patch set changes the way pools are right, and the data will be relocated to main- imported, such that they depend less on con- tain the offset within the VDEV. Similar to figuration data from the system. Instead, the reflowing a paragraph by making it wider, possibly outdated configuration from the sys- without changing the order of the words. In tem is used to find the pool, and partially open the end this means all of the new space shows it read-only. Then the correct on-disk configura- up at the end of the disk, without any frag- tion is loaded. This reduces the number of mentation.
    [Show full text]
  • GELI (8) Freebsd System Manager's Manual GELI (8) NAME Geli
    GELI (8) FreeBSD System Manager’s Manual GELI (8) NAME geli — control utility for cryptographic GEOM class SYNOPSIS To compile GEOM ELI into your kernel, place the following lines in your kernel configuration file: device crypto options GEOM_ELI Alternately, to load the GEOM ELI module at boot time, place the following line in your loader.conf(5): geom_eli_load="YES" Usage of the geli(8) utility: geli init [ -bPv][ -a algo ][ -i iterations ][ -K newkeyfile][ -l keylen ][ -s sectorsize ] prov geli label - an alias for init geli attach [ -dpv ][ -k keyfile ] prov geli detach [ -fl] prov . geli stop - an alias for detach geli onetime [ -d][ -a algo][ -l keylen][ -s sectorsize ] prov . geli setkey [ -pPv ][ -i iterations ][ -k keyfile][ -K newkeyfile][ -n keyno] prov geli delkey [ -afv ][ -n keyno] prov geli kill [ -av][ prov . ] geli backup [ -v] prov file geli restore [ -v] file prov geli clear [ -v] prov . geli dump [ -v] prov . geli list geli status geli load geli unload DESCRIPTION The geli utility is used to configure encryption on GEOM providers. The following is a list of the most important features: • Utilizes the crypto(9) framework, so when there is crypto hardware available, geli will make use of it automatically. • Supports many cryptographic algorithms (currently AES, Blowfish and 3DES). • Can create a key from a couple of components (user entered passphrase, random bits from a file, etc.). • Allows to encrypt the root partition - the user will be asked for the passphrase before the root file system is mounted. • The passphrase of the user is strengthened with: B. Kaliski, PKCS #5: Password-Based Cryptography Specification, Version 2.0.
    [Show full text]
  • 967-Malone.Pdf
    IN THIS ARTICLE I’M GOING TO LOOK at some less well known security features DAVID MALONE of FreeBSD. Some of these features are com- mon to all the BSDs. Others are FreeBSD- specific or have been extended in some way in FreeBSD. The features that I will be security through discussing are available in FreeBSD 5.4. obscurity First, I’ll mention some features that I don’t plan to cover. FreeBSD jails are like a more powerful version of chroot. Like chroot they are restricted to a subtree A REVIEW OF A FEW OF of the file system, but users (including root) in a jail are also restricted in terms of networking and system FREEBSD’S LESSER-KNOWN calls. It should be safe to give root access to a jail to an untrusted user, making a jail like virtual system, SECURITY CAPABILITIES not unlike some applications of UML [1] or Xen [2] David is a system administrator at Trinity College, but without running separate kernels for each system. Dublin, a researcher in NUI Maynooth, and a com- A lot has already been written about jails [3], so I mitter on the FreeBSD project. He likes to express won’t dwell on them further here. himself on technical matters, and so has a Ph.D. in mathematics and is the co-author of IPv6 Network Another feature that I don’t plan to spend much time Administration (O’Reilly, 2005). on is ACLs. ACLs are an extension of the traditional [email protected] UNIX permissions system to allow you to specify per- missions for users and groups other than the file’s owner and group.
    [Show full text]
  • Freebsd Enterprise Storage Polish BSD User Group Welcome 2020/02/11 Freebsd Enterprise Storage
    FreeBSD Enterprise Storage Polish BSD User Group Welcome 2020/02/11 FreeBSD Enterprise Storage Sławomir Wojciech Wojtczak [email protected] vermaden.wordpress.com twitter.com/vermaden bsd.network/@vermaden https://is.gd/bsdstg FreeBSD Enterprise Storage Polish BSD User Group What is !nterprise" 2020/02/11 What is Enterprise Storage? The wikipedia.org/wiki/enterprise_storage page tells nothing about enterprise. Actually just redirects to wikipedia.org/wiki/data_storage page. The other wikipedia.org/wiki/computer_data_storage page also does the same. The wikipedia.org/wiki/enterprise is just meta page with lin s. FreeBSD Enterprise Storage Polish BSD User Group What is !nterprise" 2020/02/11 Common Charasteristics o Enterprise Storage ● Category that includes ser$ices/products designed &or !arge organizations. ● Can handle !arge "o!umes o data and !arge num%ers o sim#!tano#s users. ● 'n$olves centra!ized storage repositories such as SA( or NAS de$ices. ● )equires more time and experience%expertise to set up and operate. ● Generally costs more than consumer or small business storage de$ices. ● Generally o&&ers higher re!ia%i!it'%a"aila%i!it'%sca!a%i!it'. FreeBSD Enterprise Storage Polish BSD User Group What is !nterprise" 2020/02/11 EnterpriCe or EnterpriSe? DuckDuckGo does not pro$ide search results count +, Goog!e search &or enterprice word gi$es ~ 1 )00 000 results. Goog!e search &or enterprise word gi$es ~ 1 000 000 000 results ,1000 times more). ● /ost dictionaries &or enterprice word sends you to enterprise term. ● Given the *+,CE o& many enterprise solutions it could be enterPRICE 0 ● 0 or enterpri$e as well +.
    [Show full text]
  • Comparison of Disk Encryption Software 1 Comparison of Disk Encryption Software
    Comparison of disk encryption software 1 Comparison of disk encryption software This is a technical feature comparison of different disk encryption software. Background information Name Developer First released Licensing Maintained? ArchiCrypt Live Softwaredevelopment Remus ArchiCrypt 1998 Proprietary Yes [1] BestCrypt Jetico 1993 Proprietary Yes BitArmor DataControl BitArmor Systems Inc. 2008-05 Proprietary Yes BitLocker Drive Encryption Microsoft 2006 Proprietary Yes Bloombase Keyparc Bloombase 2007 Proprietary Yes [2] CGD Roland C. Dowdeswell 2002-10-04 BSD Yes CenterTools DriveLock CenterTools 2008 Proprietary Yes [3][4][5] Check Point Full Disk Encryption Check Point Software Technologies Ltd 1999 Proprietary Yes [6] CrossCrypt Steven Scherrer 2004-02-10 GPL No Cryptainer Cypherix (Secure-Soft India) ? Proprietary Yes CryptArchiver WinEncrypt ? Proprietary Yes [7] cryptoloop ? 2003-07-02 GPL No cryptoMill SEAhawk Proprietary Yes Discryptor Cosect Ltd. 2008 Proprietary Yes DiskCryptor ntldr 2007 GPL Yes DISK Protect Becrypt Ltd 2001 Proprietary Yes [8] cryptsetup/dmsetup Christophe Saout 2004-03-11 GPL Yes [9] dm-crypt/LUKS Clemens Fruhwirth (LUKS) 2005-02-05 GPL Yes DriveCrypt SecurStar GmbH 2001 Proprietary Yes DriveSentry GoAnywhere 2 DriveSentry 2008 Proprietary Yes [10] E4M Paul Le Roux 1998-12-18 Open source No e-Capsule Private Safe EISST Ltd. 2005 Proprietary Yes Dustin Kirkland, Tyler Hicks, (formerly [11] eCryptfs 2005 GPL Yes Mike Halcrow) FileVault Apple Inc. 2003-10-24 Proprietary Yes FileVault 2 Apple Inc. 2011-7-20 Proprietary
    [Show full text]
  • The Daemon's Dozen: Introducing Freebsd 12.0
    SEE TEXT ONLY By Michael W LUCAS The Daemon’s Dozen Introducing FreeBSD 12.0 We’ve all been eagerly awaiting FreeBSD 12.0 since about two hours after FreeBSD 11.0 escaped. Here I’ll take a few looks at some new features, removed features, and forthcoming changes, starting with storage. FS users are probably familiar with the beadm(8) package, the boot environment administration pro- gram. We’ve previously covered it in the FreeBSD Journal. FreeBSD now includes bectl(8), a boot envi- Zronment control program. It retains much of the beadm(8) syntax, letting you create, activate, list, and destroy boot environments. Additionally, it lets you mount unused boot environments and create jails from those boot environments. I’ve used jails to troubleshoot problematic boot environments, so this is a welcome addition to the base system. Many people have used GELI to encrypt disks. Doing hard drive encryption properly is tricky, but GELI • handily reduces the risk of exposing confidential data when your laptop gets stolen. GELI was painful to use on systems with many hard drives, though. Each disk needed to be configured separately. With FreeBSD 12.0, GELI can now configure multiple disks simultaneously so long as they use the same encryp- tion key, easing this annoyance for sysadmins who administer such machines. Also, in the GELI realm, the installer can now encrypt disks on hosts booting off of UEFI. FreeBSD’s GEOM system lets us stack storage transformations on top of one another in exactly the way you need for your application, hardware, and environment.
    [Show full text]
  • Freenas® 11.2-U3 User Guide
    FreeNAS® 11.2-U3 User Guide March 2019 Edition FreeNAS® is © 2011-2019 iXsystems FreeNAS® and the FreeNAS® logo are registered trademarks of iXsystems FreeBSD® is a registered trademark of the FreeBSD Foundation Written by users of the FreeNAS® network-attached storage operating system. Version 11.2 Copyright © 2011-2019 iXsystems (https://www.ixsystems.com/) CONTENTS Welcome .............................................................. 8 Typographic Conventions ..................................................... 10 1 Introduction 11 1.1 New Features in 11.2 .................................................... 11 1.1.1 RELEASE-U1 ..................................................... 14 1.1.2 U2 .......................................................... 14 1.1.3 U3 .......................................................... 15 1.2 Path and Name Lengths .................................................. 16 1.3 Hardware Recommendations ............................................... 17 1.3.1 RAM ......................................................... 17 1.3.2 The Operating System Device ........................................... 18 1.3.3 Storage Disks and Controllers ........................................... 18 1.3.4 Network Interfaces ................................................. 19 1.4 Getting Started with ZFS .................................................. 20 2 Installing and Upgrading 21 2.1 Getting FreeNAS® ...................................................... 21 2.2 Preparing the Media ...................................................
    [Show full text]
  • Seven Ways to Increase Security in a New Freebsd Installation by MARIUSZ ZABORSKI
    1 of 6 Seven Ways to Increase Security in a New FreeBSD Installation BY MARIUSZ ZABORSKI FreeBSD can be used as a desktop or as a server operating system. When setting up new boxes, it is crucial to choose the most secure configuration. We have a lot of data on our computers, and it all needs to be protected. This article describes seven configuration improvements that everyone should remember when configur- ing a new FreeBSD box. Full Disk Encryption With a fresh installation, it is important to decide about hard drive encryption—par- 1ticularly since it may be challenging to add later. The purpose of disk encryption is to protect data stored on the system. We store a lot of personal and business data on our com- puters, and most of the time, we do not want that to be read by unauthorized people. Our laptop may be stolen, and if so, it should be assumed that a thief might gain access to almost every document, photo, and all pages logged in to through our web browser. Some people may also try to tamper with or read our data when we are far away from our computer. We recommend encrypting all systems—especially servers or personal computers. Encryp- tion of hard disks is relatively inexpensive and the advantages are significant. In FreeBSD, there are three main ways to encrypt storage: • GBDE, • ZFS native encryption, • GELI. Geom Based Disk Encryption (GBDE) is the oldest disk encryption mechanism in FreeBSD. But the GBDE is currently neglected by developers. GDBE supports only AES-CBC with a 128-bit key length and uses a separate key for each write, which may introduce some CPU overhead.
    [Show full text]
  • GELI — Disk Encryption in Freebsd
    GELI | Disk Encryption in FreeBSD Micha l Borysiak [email protected] November 15, 2018 Disk encryption facilities in FreeBSD I GBDE (GEOM-based Disk Encryption) I FreeBSD 5, 2003 I Poul-Henning Kamp I GEOM module in the kernel gbde(4) I User space tool gbde(8) I Creates new device with .bde suffix I GELI (GEOM eli) I FreeBSD 6, 2005 I Pawe l Jakub Dawidek I GEOM module in the kernel I User space tool geli(8) I Creates new device with .eli suffix I Operates on sector level I New devices are created to allow plain text access to the data The GEOM framework I Standardized way to access storage layers I FreeBSD 5, 2003 I Poul-Henning Kamp I Set of GEOM classes I Classes can be freely stackable in any order I Abstraction of an I/O request transformation I Transformations: striping, mirroring, partitioning, encryption I Providers and consumers I Auto discovery GBDE I Master key (2048 random bits) is located in a random place on the GEOM provider, and its location is stored in a lock file I The lock file is encrypted using a user password and should be stored separately I Up to 4 independent user secrets (lock sectors) I Each sector is encrypted using AES-CBC-128 and a random sector key I The sector key is encrypted using a key derived from the master key and the sector number I Disk space overhead to store per-sector keys I Non-atomic disk updates, since sector keys are stored separately from data I Does not support mounting encrypted device in the / file system GELI I Simple sector-to-sector encryption I To perform symmetric cryptography on sectors
    [Show full text]
  • Talk: a Better Rescue Environment for BSD Systems
    A Remote Rescue Environment for FreeBSD Systems LinuxTag 2006; Wiesbaden, Germany Friday May 5, 2006; 10:00-11:00 Adrian Steinmann Webgroup Consulting AG, Zürich <[email protected]> Agenda What is a Remote Rescue Environment Introduction to RAMdisks and their uses Compact Flash and “Small” Hardware Building and Deploying the Rescue RAMdisk Status of Work in Progress Demonstration and Questions & Answers FreeBSD Rescue Environment Traditional versus Something New Traditional ‣ Serial console ‣ boot -s ‣ fsck -y / ‣ /rescue (statically linked) FreeBSD Rescue Environment Traditional versus Something New Traditional New Idea ‣ Serial console ★ Serial console optional ‣ boot -s ★ ssh root@sickhost ‣ fsck -y / ★ RAMdisk root always clean ‣ /rescue (statically linked) ★ RAMdisk “mostly static” “Single User Secure Shell” The goal is to be able to login remotely onto a system with SSH even when the harddisk where the root filesystem resides is acting up! RAMdisk to the Rescue Swap-backed filesystems (i.e., /tmp) Malloc-backed filesystems for read-write area in read-only environments (i.e., /var on compact flash or mfsroot on install CD) Create “disk images” to build custom distributions dd if=/dev/zero of=somebackingfile bs=1k count=5k mdconfig -a -t vnode -f somebackingfile -u 0 bsdlabel -w md0 auto newfs md0c mount /dev/md0c /mnt Linux often boots using “initrd” (initial ramdisk) RAMdisk to the Rescue Swap-backed filesystems (i.e., /tmp) Malloc-backed filesystems for read-write area in read-only environments (i.e., /var on compact flash or mfsroot on
    [Show full text]