Date: Wed, 7 Nov 2007 07:25:35 -0600 From: Josh Paetzel <josh@tcbug.org> To: freebsd-questions@freebsd.org Cc: Matthias Fechner <idefix@fechner.net> Subject: Re: Autoattach geli device but not at startup Message-ID: <200711070725.40416.josh@tcbug.org> In-Reply-To: <20071107131345.GA10158@server.idefix.lan> References: <20071107131345.GA10158@server.idefix.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart12349197.v6KEr7eyvv Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Wednesday 07 November 2007 07:13:45 am Matthias Fechner wrote: > Hi, > > I have here a setup where some backup directories are mounted > encrypted (using geli). > rc.conf: > geli_devices=3D"ad3" > geli_ad3_flags=3D"-k /root/backup1.key" > ... > > But if the system must be rebooted it asks for the password before a > network connection is available. > The computer has no keyboard via default so it is really a pain to get > the system up again. > > Is their a possibility to do something like that after the reboot: > mount /mnt/backup1 > and mount starts geli and geli will ask for the passphrase? > > Thanks, > Matthias This is one of those cases where I would alter the base system a bit. I'd= =20 fiddle with the #REQUIRE in /etc/rc.d/geli to get it to start after sshd,=20 perhaps change it from initrandom to sshd. You can check to make sure the= =20 changes are sane by running rcorder manually. If you go this route the console will still prompt for the passphrase, but= =20 you'll be able to ssh in and run /etc/rc.d/geli start manually, which after= =20 it ran, would automagically run everything after it in rcorder =2D-=20 Thanks, Josh Paetzel PGP: 8A48 EF36 5E9F 4EDA 5A8C 11B4 26F9 01F1 27AF AECB --nextPart12349197.v6KEr7eyvv Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBHMbzUJvkB8SevrssRAl5RAJ41KiF9fo2myUg91D1RgB3PnDDtmQCfeMoH SGyMbgygsw2ILosMGqnLBiY= =KI4A -----END PGP SIGNATURE----- --nextPart12349197.v6KEr7eyvv--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200711070725.40416.josh>