Re: Encrypting partitions with openbsd 4.1 or 4.2

To: openbsd misc <misc@...>
Date: Wednesday, October 3, 2007 - 7:45 am

Hi all,

How can I encrypt a whole partition with OpenBSD 4.1 or 4.2-current?
I only find info about encrypting image files and not partitions ....

many thanks.

--
CL Martinez
carlopmart {at} gmail {d0t} com

To: carlopmart <carlopmart@...>
Cc: openbsd misc <misc@...>
Date: Wednesday, October 3, 2007 - 9:06 am

Hello,
Perhaps this HowTo will help you?

http://geektechnique.org/projectlab/797/openbsd-encrypted-nas-howto

See you :)
Guillaume.
---

To: Guillaume Dualé <g.duale@...>
Cc: openbsd misc <misc@...>
Date: Wednesday, October 3, 2007 - 9:16 am

This howto only explains how to encrypt sparse files and not partitions ..

--
CL Martinez
carlopmart {at} gmail {d0t} com

To: <misc@...>
Date: Wednesday, October 3, 2007 - 11:02 am

the technique in the article does not only apply to sparse files. have
an encrypted /var on some of my webservers and the procedure is
identical to what's in the link further down (starts with the dd-ing of
an image file).

do note it's not possible to encrypt all partitions using vnconfig. for
the time being this is the best you can do: encrypt images and mount
them after using vnconfig.

To: Jacob Yocom-Piatt <jy-p@...>
Cc: <misc@...>
Date: Wednesday, October 3, 2007 - 12:20 pm

Thanks Jacob, but I have received an email from an OpenBSD developer
saying that it isn't possible to encrypt partitions or disks ... only image
files created by the dd command ...

--
CL Martinez
carlopmart {at} gmail {d0t} com

To: carlopmart <carlopmart@...>
Cc: Jacob Yocom-Piatt <jy-p@...>, <misc@...>
Date: Wednesday, October 3, 2007 - 2:25 pm

The developer of whom you speak may be slightly misinformed, or just
hasn't tried it. There is no need to mention names, but as of ...
hmmm... 2 minutes ago, I was able to use vnd to encrypt an entire
partition.

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

To: <misc@...>
Date: Thursday, October 4, 2007 - 4:47 am

IIRC, you can't use vnd0 for partitions, somehow it causes problems. But
if you use vnd1 or a higher number, it should just work.

Julian

--
If you don't remember something, it never existed...
If you aren't remembered, you never existed...
I don't quite understand what love is like... But if there
was someone who liked me, I'd be happy.

To: <misc@...>
Date: Thursday, October 4, 2007 - 10:43 am

About the only reason I could see for that being the case is that the
release(8) process is hard-coded to use vnd0 for making disk images.
If you already have vnd0 mounted as a crypto device, you won't be able
to make the installer images. Aside from that, I see nothing that
would preclude you from using something other than a file as a source
of blocks for vnd0 to use.

CK

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

To: <misc@...>
Date: Thursday, October 4, 2007 - 10:30 am

uh, pretty sure that's not the case. this hogwash about encrypted
partitions is getting old:

# df -h
Filesystem Size Used Avail Capacity Mounted on
...
/dev/sd0e 19.7G 19.7G -1008M 105% /enc/var
/dev/svnd0a 19.4G 2.3G 16.1G 12% /var

did have to do the vnconfig thing in /etc/rc where you normally mount
