Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 19 Sep 2015 21:52:43 +0100
From:      Toby Slight <tobyslight@gmail.com>
To:        FreeBSD Questions <freebsd-questions@freebsd.org>
Subject:   Re: 10.2 Encrypted UFS install always fails
Message-ID:  <CACw1_R=X2mf5Y_zp4OoP1Z6cfZJSZg-LGjdyMs-VQ3b2hjdR4Q@mail.gmail.com>
In-Reply-To: <CACw1_R=L3KGvaKTuPm39hKN%2B=WPRBLTbomRCWTcw3FLGODsM6g@mail.gmail.com>
References:  <CACw1_R=L3KGvaKTuPm39hKN%2B=WPRBLTbomRCWTcw3FLGODsM6g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 19 September 2015 at 21:03, Toby Slight <tobyslight@gmail.com> wrote:

> Hi there,
>
> I have tried 3 times on 2 separate devices (ThinkPad T430 and Gigabyte
> Brix GB-BXBT-2807), to do an encrypted UFS install of 10.2, following the
> instructions found here:
>
> http://www.bsdnow.tv/tutorials/fde
>
> Every time I end up at the screen pictured below, after a panic:
>
> http://i.imgur.com/p61geNS.jpg
>
> Is there something missing from that guide? Some change in 10.2 that it
> doesn't account for? Or does anyone have any other ideas where I might be
> going wrong?
>
> To paraphrase my disk setup procedure:
>
> gpart create -s gpt ada0
> gpart add -t freebsd-boot -s 512k -a 4k ada0
> gpart add -t freebsd-ufs -l bootfs -s 1g -a 1m ada0
> gpart add -t freebsd-ufs -l encrypted -a 1m ada0
> gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 ada0
> geli init -b -s 4096 ada0p3
> geli attach ada0p3
> newfs -U /dev/ada0p2
> newfs -U /dev/ada0p3.eli
> mount /dev/ada0p3.eli /mnt
> mkdir /mnt/unenc
> mount /dev/ada0p2 /mnt/unenc
> mkdir /mnt/unenc/boot
> ln -s unenc/boot /mnt/boot
> vi /tmp/bsdinstall_etc/fstab
> vi /tmp/bsdinstall_boot/loader.conf
>
> fstab:
>
> /dev/ada0p2     /unenc ufs     rw,noatime      1       1
> /dev/ada0p3.eli  /       ufs     rw,noatime      2       2
>
> loader.conf:
>
> geom_eli_load="YES"
> vfs.root.mountfrom="ufs:ada0p3.eli"
> aesni_load="YES
>
> Any ideas?
>

Forgot to mention that a standard, encrypted ZFS install (using the built
in utility) works flawlessly every time on both devices.

-- 
0x2b || !0x2b

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CACw1_R=X2mf5Y_zp4OoP1Z6cfZJSZg-LGjdyMs-VQ3b2hjdR4Q>