GELI encrypted thumb drives for FreeBSD
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.git-filters
.git-hooks
etc
src
LICENSE
Makefile
README.md

README.md

Welcome to FrauBSD.org/secure_thumb!

GELI encrypted thumb drives for FreeBSD.

Foreword

The following is required before using git commit in this project.

$ .git-hooks/install.sh

This will ensure the FrauBSD keyword is expanded/updated for each commit.

Setup

Build image (requires sudo access)

$ make

Deploy image to physical hardware (requires sudo access)

  1. $ make deploy
  2. Insert thumb drive and press ENTER

Install bash_profile additions (some manual steps required)

  1. $ make install
  2. Follow steps to finalize system setup

Creating SSH keys (requires sudo access)

  1. Connect USB thumb drive to host
  2. $ openkey
  3. $ cd /mnt/keys
  4. $ make
  5. $ cd -
  6. $ closekey -e

Loading keys and ejecting the thumb drive (requires sudo access)

  1. $ loadkeys
  2. NOTE: By default, keys are loaded for 1800s (30m)
  3. $ closekey -e

Load keys for an extended period (requires sudo access)

  1. $ loadkeys -t13h
  2. $ closekey -e
  3. NOTE: Keys will remain usable via ssh-agent for 13h

Additional Features

Optionally expand thumb drive to take up free space (requires sudo)

$ make expand

Usage statement

$ make help

Help on bash_profile additions

  1. $ openkey -h
  2. $ closekey -h
  3. $ loadkeys -h
  4. $ unloadkeys -h

Sync files created on the thumb drive to the local image

$ make synctoimg

Sync files created in the image to the thumb drive

$ make synctousb

Resize the image to 1GB to increase free space

$ make IMGSIZE=1024 resize

Load keys and then eject the thumb drive

$ loadkeys -e