headers
Jeremy C. Reed | 1 Mar 2005 01:58

Re: Regarding the use of pam_ssh

On Mon, 28 Feb 2005, Jason Thorpe wrote:

> > people don't use remote xdm anymore?  i haven't for a few years but
> > in the past i did so heavily...
>
> I think it exists, but I think X terminals are a lot less common than
> they used to be.

They appear to be very commonly used for LTSP (Linux Terminal Server
Project) and similar. I have used it a few times and set it up for a
library with 16 workstations.

When I first tested LTSP, I used NetBSD as the DHCP, BOOTP, and TFTP
server for it. And for the final product, I used pkgsrc to provide the
software ran by the clients. (NetBSD should provide a ready-to-use
LTSP-alternative.)

 Jeremy C. Reed

 	  	 	 BSD News, BSD tutorials, BSD links
	  	 	 http://www.bsdnewsletter.com/
Permalink | Reply | 1 comment |
headers
Roland Dowdeswell | 1 Mar 2005 06:16
Favicon

Re: RFC: backporting GEOM to the 4.x branch

On 1109635700 seconds since the Beginning of the UNIX epoch
Thomas Sparrevohn wrote:
>

>I could be wrong but I would assume that if it is correctly handled within 
>softupdates there should be no need for journalling - e.g. If both 
>transactions are not completed the writes are ignored

This does not work.  The problem is that in GBDE for sector n which
is written, there are two operations:

	1.  change the key by which sector n is encrypted, and
	2.  write sector n ecnrypted with the new key.

If one of these fails, how could the write be ignored? If one of
the two completes but not both, then one is left in the situation
of either:

	1.  trying to decrypt the old sector with the new
	    encryption key, or
	2.  trying to decrypt the new sector with the old
	    encryption key.

Either way, the sector has been lost.  Neither the original contents
of the sector nor the new contents can be recovered without breaking
AES-128.  Fsck(8) does not contain this functionality (and it would
be rather impressive if it did.)

Softupdates does not maintain old copies of sectors which it is
writing.  Hence the sector is gone forever (or for however long it
(Continue reading)

Permalink | Reply | 0 comments |
headers
Christian Weniger | 1 Mar 2005 17:24
Picon
Picon

cgd randomkey at start

hi,

i just want to encrypt (using cgd) my swap partition and the /tmp
partion with a randomkey at startup. My problem is that /dev/random is
empty at startup and so cgd hangs and can't generate a randomkey until
i help and generate random data by typing on the keyboard. That's not a
solution because i'm going to use the computer without a keyboard.

So how can i genrate random data without sitting in fornt of the pc?
Or can i use /dev/urandom for the randomkey? (i found a 2 year old mail
with the same
problem:
http://groups.google.de/groups?selm=200309121954.h8CJsaFO025666%40server.duh.org&output=gplain
  - but it seems that there is no option "urandomkey" today).

regards Christian

--

-- 
DSL Komplett von GMX +++ Supergnstig und stressfrei einsteigen!
AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl
Permalink | Reply | 9 comments |
headers
Roland Dowdeswell | 1 Mar 2005 17:42
Favicon

Re: cgd randomkey at start

On 1109694258 seconds since the Beginning of the UNIX epoch
"Christian Weniger" wrote:
>

>i just want to encrypt (using cgd) my swap partition and the /tmp
>partion with a randomkey at startup. My problem is that /dev/random is
>empty at startup and so cgd hangs and can't generate a randomkey until
>i help and generate random data by typing on the keyboard. That's not a
>solution because i'm going to use the computer without a keyboard.
>
>So how can i genrate random data without sitting in fornt of the pc?
>Or can i use /dev/urandom for the randomkey? (i found a 2 year old mail
>with the same
>problem:
>http://groups.google.de/groups?selm=200309121954.h8CJsaFO025666%40server.duh.o
>rg&output=gplain
>  - but it seems that there is no option "urandomkey" today).

A urandom option was added after the 2.0 branch.

So, you have a few options:

	1.  rebuild cgdconfig with current sources (which is not
	    too difficult),
	2.  wait for the next release major release,
	3.  ask us to pull the changes back to the 2.0 branch and
	    wait for the next minor release, or
	4.  write a program that causes lots of disk access before
	    cgdconfig(1) is called in the boot sequence.
(Continue reading)

Permalink | Reply | 8 comments |
headers
Hubert Feyrer | 1 Mar 2005 18:02
Picon
Favicon

Re: cgd randomkey at start

On Tue, 1 Mar 2005, Roland Dowdeswell wrote:
> 	3.  ask us to pull the changes back to the 2.0 branch and
> 	    wait for the next minor release, or

Please pull the changes back to the 2(.0) branch.

  - Hubert

--

-- 
NetBSD - Free AND Open!      (And of course secure, portable, yadda yadda)
Permalink | Reply | 1 comment |
headers
Christian Weniger | 1 Mar 2005 18:06
Picon
Picon

Re: cgd randomkey at start

> On 1109694258 seconds since the Beginning of the UNIX epoch
> "Christian Weniger" wrote:
> >
> 
> >i just want to encrypt (using cgd) my swap partition and the /tmp
> >partion with a randomkey at startup. My problem is that /dev/random is
> >empty at startup and so cgd hangs and can't generate a randomkey until
> >i help and generate random data by typing on the keyboard. That's not a
> >solution because i'm going to use the computer without a keyboard.
> >
> >So how can i genrate random data without sitting in fornt of the pc?
> >Or can i use /dev/urandom for the randomkey? (i found a 2 year old mail
> >with the same
> >problem:
>
>http://groups.google.de/groups?selm=200309121954.h8CJsaFO025666%40server.duh.o
> >rg&output=gplain
> >  - but it seems that there is no option "urandomkey" today).
> 
> A urandom option was added after the 2.0 branch.
> 
> So, you have a few options:
> 
> 	1.  rebuild cgdconfig with current sources (which is not
> 	    too difficult),
> 	2.  wait for the next release major release,
> 	3.  ask us to pull the changes back to the 2.0 branch and
> 	    wait for the next minor release, or
> 	4.  write a program that causes lots of disk access before
> 	    cgdconfig(1) is called in the boot sequence.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Todd Vierling | 1 Mar 2005 18:39
Gravatar

Re: cgd randomkey at start

On Tue, 1 Mar 2005, Hubert Feyrer wrote:

> > 	3.  ask us to pull the changes back to the 2.0 branch and
> > 	    wait for the next minor release, or
>
> Please pull the changes back to the 2(.0) branch.

Well, seeing that I did the original change and I'm using it on the 2.X
branch, I'll check that it merges correctly and submit a pullup.

--

-- 
-- Todd Vierling <tv <at> duh.org> <tv <at> pobox.com>
Permalink | Reply | 0 comments |
headers
Roland Dowdeswell | 1 Mar 2005 20:01
Favicon

Re: RFC: backporting GEOM to the 4.x branch

On 1109628121 seconds since the Beginning of the UNIX epoch
"ALeine" wrote:
>

>Yes, the data sector is written first and then the key sector.
>Since, as you pointed out, GBDE is more susceptible to dictionary
>attacks than CGD one can then use this advantage (it's a feature,
>not a design flaw!) to recover the lost key so no data is lost. :->
>
>Seriously, how can one make writing atomic without breaking
>compatibility with existing GBDE volumes? Which approach does CGD
>use to solve the problem of atomic writing?

You would need to maintain some sort of journal.  With CGD, I
specifically avoided any strategy which tied the write of one sector
to the write of another sector for this reason.  And so, I use one
key to encrypt the disk rather than storing randomly generated
keys upon every write.

GBDE already explodes a single sector write into two sector writes,
which makes its performance quite suboptimal.  Adding a journal
would make it even worse.  I do not think that maintaining a
different key for each sector actually provides enough benefit to
justify this.

>How about changing GBDE in a backwards-incompatible way by adding
>one key shadow sector for every n key sectors (n would be chosen at
>volume initialization)? The key shadow sector would hold the xor of

This is basically implementing a journal.  It adds a lot of complexity
(Continue reading)

Permalink | Reply | 0 comments |
headers
Daniel Carosone | 1 Mar 2005 22:07
Picon

Re: cgd randomkey at start

On Tue, Mar 01, 2005 at 11:42:20AM -0500, Roland Dowdeswell wrote:
> So, you have a few options:

There's also the option of something like:

# cgdconfig -s cgd0 /dev/wd0e aes-cbc 128 < /dev/urandom 

as outlined in the cgd chapter of The NetBSD Guide.

--
Dan.
Permalink | Reply | 4 comments |
headers
Roland Dowdeswell | 1 Mar 2005 22:24
Favicon

Re: cgd randomkey at start

On 1109711221 seconds since the Beginning of the UNIX epoch
Daniel Carosone wrote:
>

>> So, you have a few options:
>
>There's also the option of something like:
>
># cgdconfig -s cgd0 /dev/wd0e aes-cbc 128 < /dev/urandom=20
>
>as outlined in the cgd chapter of The NetBSD Guide.

Oh, heh.  I forgot the easiest one.

--
    Roland Dowdeswell                      http://www.Imrryr.ORG/~elric/
Permalink | Reply | 0 comments |

Gmane