Home
|
UNIX
|
Oracle
|
Code
|
Practical
|
Private
NetBSD CGD (Cryptographic disk driver)
Kernel configuration
Your NetBSD kernel needs to have this,
pseudo-device cgd 4 # cryptographic disk driver
Create the cryptographic disk
Create the parameter file, setup the password, disklabel & format it,
cgdconfig -g -V disklabel aes-cbc 256 > /etc/cgd/wd1a
cgdconfig -V re-enter cgd0 /dev/wd1a /etc/cgd/wd1a
disklabel -e -I cgd0
newfs /dev/rcgd0a
If it's a virtual disk,
cgdconfig -g -V disklabel aes-cbc 256 > /etc/cgd/vnd0d
cgdconfig -V re-enter cgd0 /dev/vnd0d /etc/cgd/vnd0d
...
Mount the cryptographic disk
Configure the cryptographic disk,
cgdconfig -V none cgd0 /dev/wd1a
mount /dev/cgd0a /mnt
Note you could add /etc/cgd/wd1a as additional argument to cgdconfig (defaults to device name)
If it's a virtual disk do this first,
vnconfig vnd0 image.vdisk
cgdconfig -V none cgd0 /dev/vnd0d
...
Unmount the cryptographic disk
Like that,
umount /mnt
cgdconfig -u cgd0
And if it's a virtual disk,
vnconfig -u vnd0
References