Date: Sun, 23 Dec 2012 22:02:22 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: =?utf-8?B?0JHQu9C+0LPQtdGA?= <bloger@ngs.ru> Cc: freebsd-geom@freebsd.org Subject: Re: keyfile on another HDD. Message-ID: <20121223210221.GB1436@garage.freebsd.pl> In-Reply-To: <VYf743db33az97Qyp04k05A8@ngs.ru> References: <VYf743db33az97Qyp04k05A8@ngs.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
--8P1HSweYDcXXzwPJ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 22, 2012 at 02:40:28PM +0300, =D0=91=D0=BB=D0=BE=D0=B3=D0=B5=D1= =80 wrote: > Is it possible to read key file from another HDD with FAT16 during > system boot? I assume you are asking for GELI disk encryption? It depends which stage in the boot process we are talking about. If you would like to read key from a file for partition, which holds root file system (so you need the key after the kernel is loaded, but before root file system is mounted) then no, it is not currently possible. Key can be read only from the file system the kernel was loaded and I don't believe we can boot FreeBSD from FAT16. If you would like to read key after root is mounted, then it should be possible. Your FAT16 file system just needs to be mounted before /etc/rc.d/geli script is executed. --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --8P1HSweYDcXXzwPJ Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlDXcV0ACgkQForvXbEpPzR0tgCfScWhdO8zh+A5xtMCrUyJu0OE uNIAoOem/ZDE8TJxlS0yMn3g8c6k479H =0D8N -----END PGP SIGNATURE----- --8P1HSweYDcXXzwPJ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121223210221.GB1436>