artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aac8e53) | patch
Initial support for guided disk encryption
authorkn <kn@openbsd.org>
Tue, 7 Mar 2023 17:29:42 +0000 (17:29 +0000)
committerkn <kn@openbsd.org>
Tue, 7 Mar 2023 17:29:42 +0000 (17:29 +0000)
commit35ea5efc40855089cb818dc4678aa795b5eb909f
tree54a0d43f20239c31556dd5e7ec29a23307f17aa9tree | snapshot
parentaac8e53e4d62f2360deb2d91a4aea7f691913affcommit | diff
Initial support for guided disk encryption

One new question to cover the most common use case, such that manual setup
in (S)hell or '!' prior to install is no longer required:

    Encrypt the root disk? (disk, 'no' or '?' for details) [no] ?

    Create a passphrase protected CRYPTO softraid volume to be used as root disk.

    Available disks are: sd0.
    Encrypt the root disk? (disk, 'no' or '?' for details) [no]

Use of keydisk or different disciplines are not covered.
Only asked in interactive installations;  no autoinstall(8) or upgrades.
Only reachable on i386, amd64, sparc64 and riscv64 for now (arm64 WIP).

Tested by cheloha naddy and a few users
Feedback from cheloha deraadt claudio
OK cheloha
"get it in now" deraadt
distrib/amd64/common/install.md diff | blob | history
distrib/i386/common/install.md diff | blob | history
distrib/miniroot/install.sub diff | blob | history
distrib/riscv64/ramdisk/install.md diff | blob | history
distrib/sparc64/common/install.md diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim