Nethence Newdoc Olddoc Lab Your IP BBDock  

Warning: those guides are mostly obsolete, please have a look at the new documentation.


NetBSD CGD (CryptoGraphic Disk driver)
Kernel configuration
Your NetBSD kernel needs to have this,
pseudo-device cgd 4 # cryptographic disk driver
It's activated by default :
Create the cryptographic disk
Create the parameter file, give some password, disklabel and format it,
cd /etc/cgd/
ls -l
cgdconfig -g -V disklabel aes-cbc 256 > wd1a # this takes some time
cgdconfig -V re-enter cgd0 /dev/wd1a wd1a
disklabel -e -I cgd0
newfs /dev/rcgd0a
If it's a virtual disk,
cgdconfig -g -V disklabel aes-cbc 256 > /etc/cgd/vnd0d
cgdconfig -V re-enter cgd0 /dev/vnd0d /etc/cgd/vnd0d
Mount the cryptographic disk
Configure the cryptographic disk,
cgdconfig -V none cgd0 /dev/wd1a
mount /dev/cgd0a /mnt
Note you could add /etc/cgd/wd1a as additional argument to cgdconfig (defaults to device name)
If it's a virtual disk do this first,
vnconfig vnd0 image.vdisk
cgdconfig -V none cgd0 /dev/vnd0d
Unmount the cryptographic disk
Like that,
umount /mnt
cgdconfig -u cgd0
And if it's a virtual disk,
vnconfig -u vnd0

(obsolete, see the new doc)