markomas

joined 1 year ago
[–] markomas 16 points 11 months ago (2 children)

Hi, Why not to do little bit diffrently?

  1. Server boots into unencrypted kernel with ssh server (it has just that ssh server)
  2. Then you connect remotely via ssh and provide password (unlock encrypted disks etc)
  3. Then system boots to encrypted environment which you unlocked at step 2
  4. profit

No second pc/raspberry is required

I have this done with luks on Debian: https://hamy.io/post/0009/how-to-install-luks-encrypted-ubuntu-18.04.x-server-and-enable-remote-unlocking/ I think you can adapt something similar to your freebsd

Quick google search found:

https://forums.freebsd.org/threads/encrypted-root-with-unencrypted-preboot-and-reboot-r.74378/

https://github.com/Sec42/freebsd-remote-crypto

[–] markomas 3 points 1 year ago

Well technically you can install 3rd party apps using AltStore since iOS 14 (?). It’s a hassle to set up and you have to be at home every week (it needs to be at same network with your pc). But you don’t need rooting!!!

And since I sideload only YouTube and YouTube music (same apps as I had sideloaded with android) and I after Covid still don’t travel for longer than 1 week.

(Yes, I lost bet and I had to start using iPhone for two years)

[–] markomas 1 points 1 year ago* (last edited 1 year ago)

Damn, season 1 was so good, can’t wait for season 2. No idea, why I liked, but somehow it hooked me.