Encryption

Full Disk Encryption

Much like RAID, full disk encryption in OpenBSD is handled by the softraid(4) subsystem and bioctl(8) command. This section covers installing OpenBSD to a single encrypted disk, and is a very similar process to the previous one. Note that “stacking” softraid modes (mirrored drives and encryption, for example) is not supported at this time.

Select (S)hell at the initial prompt.

Welcome to the OpenBSD/amd64 X.X installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? s

From here, you’ll be given a shell within the live environment to manipulate the disks. For this example, we will install to the sd0 SATA drive, erasing all of its previous contents. You may want to write random data to the drive first with something like the following:

# dd if=/dev/urandom of=/dev/rsd0c bs=1m

This can be a very time-consuming process, depending on the speed of your CPU and disk, as well as the size of the disk. If you don’t write random data to the whole device, it may be possible for an adversary to deduce how much space is actually being used.

Next, we’ll initialize the disk with fdisk(8) and create the softraid partition with disklabel(8).

If you’re booting from MBR, do:

# fdisk -iy sd0

If you use GPT for UEFI booting, do:

# fdisk -iy -g -b 960 sd0

Next, create the partition layout:

# disklabel -E sd0
Label editor (enter '?' for help at any prompt)
> a a
offset: [64]
size: [39825135] *
FS type: [4.2BSD] RAID
> w
> q
No label changes.

We’ll use the entire disk, but note that the encrypted device can be split up into multiple partitions as if it were a regular hard drive. Now we can build the encrypted device on our “a” partition.

# bioctl -c C -l sd0a softraid0
New passphrase:
Re-type passphrase:
sd1 at scsibus2 targ 1 lun 0: <OPENBSD, SR CRYPTO, 005> SCSI2 0/direct fixed
sd1: 19445MB, 512 bytes/sector, 39824607 sectors
softraid0: CRYPTO volume attached as sd1

Instead of a passphrase, you may want to use a keydisk. Since the installer does not have many device nodes by default, we’ll make sure the /dev/sd1 device is accounted for.

# cd /dev && sh MAKEDEV sd1

All data written to sd1 will now be encrypted with AES in XTS mode. As in the previous example, we’ll overwrite the first megabyte of our new pseudo-device.

# dd if=/dev/zero of=/dev/rsd1c bs=1m count=1

Type exit to return to the main installer, then choose this new device as the one for your installation.

[...]
Available disks are: sd0 sd1.
Which disk is the root disk? ('?' for details) [sd0] sd1

You will be prompted for the passphrase on startup, but all other operations should be handled transparently.

Using a Keydisk

As an alternative to using a passphrase, it’s possible to use a key stored on a separate device (e.g. a USB stick) to unlock your encrypted disk. Initialize your keydisk with fdisk(8), then use disklabel(8) to create a 1 MB RAID partition for the key data. If your keydisk is sd1 and the drive you want to encrypt is sd0, the output will look something like this:

# bioctl -c C -k sd1a -l sd0a softraid0
sd2 at scsibus3 targ 1 lun 0: <OPENBSD, SR CRYPTO, 005> SCSI2 0/direct fixed
sd2: 19445MB, 512 bytes/sector, 39824607 sectors
softraid0: CRYPTO volume attached as sd2

You won’t be prompted to enter a passphrase because you used a keydisk instead. The keydisk must be inserted at startup time. You can back up and restore your keydisk using dd(1):

# dd bs=8192 skip=1 if=/dev/rsd1a of=backup-keydisk.img
# dd bs=8192 seek=1 if=backup-keydisk.img of=/dev/rsd1a
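
The following is an added example, not part of the original FAQ: it wraps the backup command above and confirms that the image matches the keydisk byte for byte before you rely on it. The function names and the script name are assumptions; the source argument would be the keydisk's raw partition, such as /dev/rsd1a.

```sh
#!/bin/sh
# Added example, not from the OpenBSD FAQ: back up a keydisk and prove the
# image is usable. Function names are assumptions; SRC would be /dev/rsd1a.

BS=8192   # block size used by the page's dd commands; first block is skipped

# keydisk_backup SRC IMG
# Returns 3 rather than overwrite an existing image (it may be the only good copy).
keydisk_backup() {
    [ -e "$2" ] && return 3
    # umask 077: the image is key material, so create it owner-only (0600).
    ( umask 077; dd bs="$BS" skip=1 if="$1" of="$2" 2>/dev/null )
}

# keydisk_verify SRC IMG
# 0 = IMG is byte-identical to SRC past the first block, 1 = mismatch,
# 2 = IMG missing or empty.
keydisk_verify() {
    [ -s "$2" ] || return 2
    dd bs="$BS" skip=1 if="$1" 2>/dev/null | cmp -s - "$2"
}

# Stand-alone use: sh keydisk-backup.sh /dev/rsd1a backup-keydisk.img
if [ "$#" -eq 2 ]; then
    keydisk_backup "$1" "$2" || { echo "backup failed or image exists" >&2; exit 1; }
    keydisk_verify "$1" "$2" || { echo "image does not match keydisk" >&2; exit 1; }
    echo "verified: $2"
fi
```

Store the verified image offline, since anyone who holds it can unlock the volume.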

Encrypting External Disks

This section explains how you might set up a cryptographic softraid volume for an external USB drive. If you already read the section on full disk encryption, this should be very familiar. An outline of the steps is as follows:

  • Overwrite the drive’s contents with random data
  • Create the desired RAID-type partition with disklabel(8)
  • Encrypt the drive with bioctl(8)
  • Zero the first megabyte of the new pseudo-partition
  • Create a filesystem on the pseudo-device with newfs(8)
  • Unlock and mount(8) the new pseudo-device
  • Access the files as needed
  • Unmount the drive and detach the encrypted container

A quick example run-through of the steps follows, with sd3 being the USB drive.

# dd if=/dev/urandom of=/dev/rsd3c bs=1m
# fdisk -iy sd3
# disklabel -E sd3 # make an "a" partition of type RAID
# bioctl -c C -l sd3a softraid0
New passphrase:
Re-type passphrase:
softraid0: CRYPTO volume attached as sd4
# dd if=/dev/zero of=/dev/rsd4c bs=1m count=1
# fdisk -iy sd4
# disklabel -E sd4 # make an "i" partition
# newfs sd4i
# mkdir -p /mnt/secretstuff
# mount /dev/sd4i /mnt/secretstuff
# mv somefile /mnt/secretstuff/
# umount /mnt/secretstuff
# bioctl -d sd4

The same bioctl(8) command can be used to attach the drive later on.