search

FrauBSD / secure_thumb

GELI encrypted images and thumb drives for FreeBSD
https://FrauBSD.org/secure_thumb
BSD 2-Clause "Simplified" License
8 stars 0 forks source link
encrypted-thumb-drives fraubsd freebsd geli

readme

Welcome to FrauBSD.org/secure_thumb!

GELI encrypted thumb drives for FreeBSD.

Foreword

The following is required before using git commit in this project.

$ .git-hooks/install.sh

This will ensure the FrauBSD keyword is expanded/updated for each commit.

Setup

Build image (requires sudo access)

$ make

Deploy image to physical hardware (requires sudo access)

  1. $ make deploy
  2. Insert thumb drive and press ENTER

Install shell additions (some manual steps required)

  1. $ make install
  2. Follow steps to finalize system setup

Creating SSH keys (requires sudo access)

  1. Connect USB thumb drive to host
  2. $ openkey
  3. $ cd /mnt/keys
  4. $ make
  5. $ cd -
  6. $ closekey -e

Loading keys and ejecting the thumb drive (requires sudo access)

  1. $ loadkeys
  2. NOTE: By default, keys are loaded for 1800s (30m)
  3. $ closekey -e

Load keys for an extended period (requires sudo access)

  1. $ loadkeys -t13h
  2. $ closekey -e
  3. NOTE: Keys will remain usable via ssh-agent for 13h

Additional Features

Optionally expand thumb drive to take up free space (requires sudo)

$ make expand

Usage statement

$ make help

Help on shell additions

  1. $ openkey -h
  2. $ closekey -h
  3. $ loadkeys -h
  4. $ unloadkeys -h

Sync files created on the thumb drive to the local image

$ make synctoimg

Sync files created in the image to the thumb drive

$ make synctousb

Resize the image to 1GB to increase free space

$ make IMGSIZE=1024 resize

Load keys and then eject the thumb drive

$ loadkeys -e