Date:      Wed, 21 Jul 2021 12:43:52 +0000
From:      bugzilla-noreply@freebsd.org
To:        geom@FreeBSD.org
Subject:   [Bug 254637] [PATCH] Read kern.geom.eli.passphrase from UEFI variable for unattended boot without passphrase on disk
Message-ID:  <bug-254637-14739-Z6y1rK00TA@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-254637-14739@https.bugs.freebsd.org/bugzilla/>
References:  <bug-254637-14739@https.bugs.freebsd.org/bugzilla/>


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254637

--- Comment #1 from ruben@verweg.com ---
Tried the patch on VMware and a Clevo NL5xRU notebook with the geli password as
an EFI var.
Besides VMware UEFI being fickle, it works as intended.

Though this is not UEFI secure boot, it is a convenient way for server systems
to have both full disk encryption and unattended reboots.

I feel it is at the administrator's discretion to determine whether having a
key/passphrase in unprotected NVRAM is different than on an unprotected boot
partition.

It would address the need of people who installed their ZFS systems using a
separate boot pool using preconfigured keys and want to consolidate that into a
single pool so bectl/beadm starts to work for them.

-- 
You are receiving this mail because:
You are the assignee for the bug.

