Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SD Card encryption

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      torontob
      last edited by

      Hi everyone,

      What are the options available to encrypt the Flash Card with pfSense on it? I have Console password already setup. However, I want to guard against malicious user opening the Alix case when it's on a remote site. I can't afford to enter a password at boot up due to encryption. Is there any way to encrypt without the need to enter a password each time system is restarted and also guard against the user seeing data on SD card if they connect it directly to their computer?

      Thanks,

      1 Reply Last reply Reply Quote 0
      • D Offline
        doktornotor Banned
        last edited by

        Obviously no and if there was, such self-decrypting "encryption" would be utterly useless.

        1 Reply Last reply Reply Quote 0
        • jimpJ Offline
          jimp Rebel Alliance Developer Netgate
          last edited by

          We don't officially have any support for disk encryption, but FreeBSD does. It does require manually entering the password, otherwise as doktornotor said it would be pretty worthless. You can have security, or you can have convenience, you can almost never have both.

          http://www.freebsd.org/doc/en/books/handbook/disks-encrypting.html

          You need an unencrypted section of the disk in addition to the encrypted section (or two separate disks), I don't believe it supports booting from an encrypted disk for some obvious reasons.

          If you're that worried about someone stealing the CF, then you either need to not keep such sensitive data on it, or invest in some good physical security measures to keep it physically safe and locked up.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.