[PATCH] mounting encrypted devices infrastructure

Adriaan de Groot adridg at sci.kun.nl
Mon Feb 16 21:33:21 GMT 2004


On Mon, 16 Feb 2004, Tobias Koenig wrote:
> GEOM? Is this the encryption mechanism in FreeBSD?

Yes. It's a slightly different kind of low-level block-access disk device
driver. It does the encryption _there_, as opposed to at a FS level.

> Does the mount command in FreeBSD also ask the user for a password when
> mounting an encrypted device and has it the '--pass-fd' commandline
> argument?

Bwahaha! GNU-style long options to system binaries? Um, no. But it turns
out that mount and encryption management is totally separate here, so the
whole notion of an "encrypted filesystem" is moot - the _device_ is
encrypted, and isn't even available until you do something with the GEOM
manager to attach the encrypted device to the system. I suppose for
demand-mounting of filesystems on GEOM-encrypted devices, you need to do
"geom attach", then a regular "mount". Unmounting it is "unmount" and
"geom detach".

So it looks like shell-script - and probably Qt-pinentry - is going to be
needed.





More information about the kde-core-devel mailing list