Hi there ! I have a little box at home, hosting some little services for personal use under freebsd with a full disk encryption (geli). I’m never at home and long power outage often occurs so I always need to come back home to type my passphrase to decrypt the disk.

I was searching this week a solution to do it remotely and found the “poor-guy-kvm” solutions turning a Raspberry like board (beaglebone black in my case) in a hid keyboard. It works fine once the computer has booted but once reboot when the passphrase is asked before it loads the loader menu, nothing. When I plug an ordinary USB keyboard I can type my passphrase so USB module is loaded.

Am I missing something ? Am I trying something impossible ?

(I could’ve asked on freebsd forum but… Have to suscribe, presentation, etc… Long journey)

  • Jean-Mich Much@jlai.luOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    1 year ago

    No problem, I appreciate ;) I hope my answer was not too rude !

    At the beginning to try something different, curiosity. I’ve began to write a comparison but in fact I can not doing that because I never used Linux for self hosted services, just for user things like… Checking my mails. I find it easier for that side.

    But, for example , after setting my first jails , I’ve read how I could’ve done it on Linux. I’ve found lxc (for example) hard to learn and configure while chroot was not enough secure to my taste without a little bit tuning. Jail is native, it’s one conf file, easy to read and write, and four lines in rc.conf to enable it (with its own virtual network interface). With zfs it’s easy to deploy the same base system for all your jails and to maintain it update and it’s fully isolated. Want to enable another service ? Write theservice_load=“YES” in rc.conf. no systemd linking with some file or whatever I don’t know. Same if you want an additional virtual network (+1 more line). Customizing your kernel, build it and installing it is one conf file to edit +4 for short command line (don’t know how to do on Linux)…

    Again it’s not a comparison, it’s just why I stay with freebsd, maybe it’s more comfortable to me because I’m not doing real hard security things, I’m not a pro sysadmin , but I found doing and learning those things (customizing kernel, jails and other things) was (really) easy when reading the clear docs. And many security things are native.

    Sorry for the long answer ^

    • plague-sapiens@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Your answer wasn’t rude at all :) and thanks for the long one! Looks like I should try FreeBSD again, last time I was just overwhelmed, but that’s many years ago. My last try was OPNsense which didn’t work like I wanted it to (stupid IPv6-to-IPv4 tunnel, which didn’t properly reconnect after the 24h ISP disconnection and my script to fix this fucked up latency and gaming wasn’t possible because of stutters (probably packet loss too)). Security is the main aspect of my try to use it. Linux can be like a swiss cheese if misconfigured. Still better than Windows (Server) tho xD