Remote solution to decrypt disk at boot
Hi there ! I have a little box at home, hosting some little services for personal use under freebsd with a full disk encryption (geli). I'm never at home and long power outage often occurs so I always need to come back home to type my passphrase to decrypt the disk.
I was searching this week a solution to do it remotely and found the "poor-guy-kvm" solutions turning a Raspberry like board (beaglebone black in my case) in a hid keyboard. It works fine once the computer has booted but once reboot when the passphrase is asked before it loads the loader menu, nothing. When I plug an ordinary USB keyboard I can type my passphrase so USB module is loaded.
Am I missing something ? Am I trying something impossible ?
(I could've asked on freebsd forum but... Have to suscribe, presentation, etc... Long journey)
Hi, Why not to do little bit diffrently?
No second pc/raspberry is required
I have this done with luks on Debian: https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/ I think you can adapt something similar to your freebsd
Quick google search found:
https://forums.freebsd.org/threads/encrypted-root-with-unencrypted-preboot-and-reboot-r.74378/
https://github.com/Sec42/freebsd-remote-crypto
Shit, i totally missed this one, maybe not searching with good keywords... Thanks a lot, I've read fast for the moment so it doesn't seems to be fully encrypted but scenario in the forum and solution proposed can answer my needs (sorry for bad English ). Thanks !
The key to a good search is to know what your are looking for.
If you know what you are looking for
I know how you feel brother.
At least we have the awesome members of the community showing us the other options!