From owner-freebsd-geom@FreeBSD.ORG Sun Dec 23 21:02:26 2012 Return-Path: Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 164B2EDD for ; Sun, 23 Dec 2012 21:02:26 +0000 (UTC) (envelope-from pawel@dawidek.net) Received: from mail.dawidek.net (garage.dawidek.net [91.121.88.72]) by mx1.freebsd.org (Postfix) with ESMTP id C9C4A8FC14 for ; Sun, 23 Dec 2012 21:02:25 +0000 (UTC) Received: from localhost (static254.debica228.tnp.pl [87.116.228.254]) by mail.dawidek.net (Postfix) with ESMTPSA id 71B21217; Sun, 23 Dec 2012 22:00:12 +0100 (CET) Date: Sun, 23 Dec 2012 22:02:22 +0100 From: Pawel Jakub Dawidek To: =?utf-8?B?0JHQu9C+0LPQtdGA?= Subject: Re: keyfile on another HDD. Message-ID: <20121223210221.GB1436@garage.freebsd.pl> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8P1HSweYDcXXzwPJ" Content-Disposition: inline In-Reply-To: X-OS: FreeBSD 10.0-CURRENT amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Cc: freebsd-geom@freebsd.org X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 23 Dec 2012 21:02:26 -0000 --8P1HSweYDcXXzwPJ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 22, 2012 at 02:40:28PM +0300, =D0=91=D0=BB=D0=BE=D0=B3=D0=B5=D1= =80 wrote: > Is it possible to read key file from another HDD with FAT16 during > system boot? I assume you are asking for GELI disk encryption? It depends which stage in the boot process we are talking about. If you would like to read key from a file for partition, which holds root file system (so you need the key after the kernel is loaded, but before root file system is mounted) then no, it is not currently possible. Key can be read only from the file system the kernel was loaded and I don't believe we can boot FreeBSD from FAT16. If you would like to read key after root is mounted, then it should be possible. Your FAT16 file system just needs to be mounted before /etc/rc.d/geli script is executed. --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --8P1HSweYDcXXzwPJ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlDXcV0ACgkQForvXbEpPzR0tgCfScWhdO8zh+A5xtMCrUyJu0OE uNIAoOem/ZDE8TJxlS0yMn3g8c6k479H =0D8N -----END PGP SIGNATURE----- --8P1HSweYDcXXzwPJ--