Open Source Full Disk Encryption for BSD Operating System?
https://stackoverflow.com/questions/764564
-
11-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Anyone aware of an open source equivalent to full disk encryption products such as Pointsec (a Check Point product) where the machine won't boot unless a password is supplied?
Solution
From this Wikipedia page, I see the following disk encryption methods that are can be used on BSD (FreeBSD or NetBSD):
OTHER TIPS
On FreeBSD, you can encrypt almost the whole disk. If you want to encrypt the partition containing the filesystem root, you need an unencrypted partition to contain /boot.
On a bog-standard FreeBSD 9 install, /boot is around 300 MB. Most of that is /boot/kernel, especially the symbols files for the kernel and modules.
See e.g. this blog article.
Personally, I wouldn't bother encrypting more than the partition that holds your data. There is nothing secret in the OS files itself.
Truecrypt supports windows, linux and mac. It supports full disk encryption, although that is listed as supported only for windows. There apparently exists some patches that adds support for freebsd, although I do not know if that includes full disk encryption.
In a comment to this blog post by Bruce Schneier, the following is mentioned in addition to the ones already listed in Rick Copeland's answer:
- svnd (OpenBSD)
and maybe
- EncFS
- CryptoFS
