[Pcbsd-developer] 1.3 partitions layout suggestions:
Status: Beta
Brought to you by:
kmoore134
Menu
▾
▴
[Pcbsd-developer] 1.3 partitions layout suggestions:
|
From: Andrei K. <an...@bs...> - 2006-08-24 13:43:56
|
1.3 partitions layout suggestions: For disk encryption feature, videly used on notebooks, I suggest to make default partitions scheme like this: scheme nr1: /boot 150MB swap 1000MB / rest of free space /usr/home mounted from file:/usr/homespace (custom size, possible encrypted) scheme nr2: /boot 150MB swap 1000MB / 2GB (userland and logs) /usr rest of free space (/usr/home, /usr/src, /usr/port, etc...) Explanation: If you need root space encryption then we need at least one "plain" space from where we can boot kernel and where to store encryption keys. For more information about FreeBSD encryption I'd suggest to look at this webpage: http://events.ccc.de/congress/2005/fahrplan/events/1139.en.html We may even make /boot partition read-only for better crash resistance. Another idea is to use /home as file backed encrypted filesystem- then we can do backup by just copying /usr/homespace.eli file to NAS server or write it onto CD/DVD. Possibilities are endless. We can add swap space as file based filesystem (256MB file as SWAP space): # dd if=/dev/null of=/usr/swap0 bs=1m count=256 # mdconfig -a -t vnode -f /usr/swap0 -u 1 # swapon /dev/md1 Type: "mdconfig -lu 1" to check md1 disk state. P.S. I already played with different encryption technologies here and found FreeBSD existing features very reliable. Andrei |