From owner-freebsd-questions@FreeBSD.ORG Sat Mar 26 11:42:07 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9E2A216A4CE for ; Sat, 26 Mar 2005 11:42:07 +0000 (GMT) Received: from jeremino.homeunix.net (jeremino.xs4all.nl [80.126.224.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C0E643D2D for ; Sat, 26 Mar 2005 11:42:07 +0000 (GMT) (envelope-from spam@jeremino.homeunix.net) Received: from jeremina.homeunix.net ([10.0.0.5]) by jeremino.homeunix.net with smtp (Exim 4.42) id 1DF9g5-00089n-5L for freebsd-questions@freebsd.org; Sat, 26 Mar 2005 12:42:05 +0100 Message-Id: <2048306.04W6tXOxnu@not_a_message_id> From: Kees Plonsz To: freebsd-questions@freebsd.org Date: Sat, 26 Mar 2005 12:41:59 +0100 References: Lines: 39 Organization: Chaotic User-Agent: KNode/0.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit Subject: Re: gbde - destroying master key without lockfile X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Mar 2005 11:42:07 -0000 Peter Schuller wrote on Saturday 26 March 2005 12:09 in the group list.freebsd.questions: > Hello, > > I would like to use gbde to encrypt some disks. Using an external lockfile > things work pretty much as documented (except for some options that aren't > supported by the tool, but which are listed in the manpage). However, for > this particular situation, I do not want to use an external lockfile. > > The manpage seems to imply that without -L/-l, the first sector is used as > a lockfile. Indeed, I can init, attach and detach devices without an > external lockfile. However, when I attempt to destroy the master key: > > # gbde destroy /dev/label/storage304 > Enter passphrase: > Opened with key 0 > gbde: No -L option and no space in sector 0 for lockfile > > Trying to use -L for this particular operation fails: > > gbde: illegal option -- L > Usage error: Invalid option > > And trying to specify "-n -1" as the manpage says also fails: > > gbde: illegal option -- n > Usage error: Invalid option > > So the question is - how do I destroy the master key (other than dd > if=/dev/zero of=...) when not using an external lockfile? > > (The reason I do not want to use an external lockfile is simply that I do > not see a need for it in my situation and I would feel much more > comfortable if the gbde volume was self-contained; no need to backup > anything else or keep it in synch.) > Instead of "destroy" I use "nuke".