From owner-freebsd-geom@FreeBSD.ORG Sun Apr 8 02:35:19 2007 Return-Path: X-Original-To: freebsd-geom@freebsd.org Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E83D216A400 for ; Sun, 8 Apr 2007 02:35:18 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl [83.17.198.132]) by mx1.freebsd.org (Postfix) with ESMTP id 57C5113C455 for ; Sun, 8 Apr 2007 02:35:17 +0000 (UTC) (envelope-from pjd@garage.freebsd.pl) Received: by mail.garage.freebsd.pl (Postfix, from userid 65534) id 91000487F5; Sun, 8 Apr 2007 04:35:14 +0200 (CEST) Received: from localhost (cvl74.internetdsl.tpnet.pl [83.19.93.74]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.garage.freebsd.pl (Postfix) with ESMTP id 198904569A; Sun, 8 Apr 2007 04:35:02 +0200 (CEST) Date: Sun, 8 Apr 2007 04:34:50 +0200 From: Pawel Jakub Dawidek To: RW Message-ID: <20070408023450.GV63916@garage.freebsd.pl> References: <20070408005942.48c10ea8@gumby.homeunix.com> <20070408003233.GT63916@garage.freebsd.pl> <20070408033114.128f7da8@gumby.homeunix.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="reSNjdE3Iylkp4B8" Content-Disposition: inline In-Reply-To: <20070408033114.128f7da8@gumby.homeunix.com> X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 7.0-CURRENT i386 User-Agent: mutt-ng/devel-r804 (FreeBSD) X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on mail.garage.freebsd.pl X-Spam-Level: X-Spam-Status: No, score=-2.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL autolearn=no version=3.0.4 Cc: freebsd-geom@freebsd.org Subject: Re: Geli Encrypted DVDs X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Apr 2007 02:35:19 -0000 --reSNjdE3Iylkp4B8 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Apr 08, 2007 at 03:31:14AM +0100, RW wrote: > On Sun, 8 Apr 2007 02:32:33 +0200 > Pawel Jakub Dawidek wrote: >=20 > > On Sun, Apr 08, 2007 at 12:59:42AM +0100, RW wrote: > > >=20 > > > In the questions list Roland Smith suggested that a geli encrypted > > > dvd could be created by burning the backing file from an geli > > > encrypted md device as a disk image.=20 > > >=20 > > > We were neither able to attach the DVD device though, see: > > >=20 > > > http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/14543= 3.html > > >=20 > > > Does anyone know if this can be made to work? > > >=20 > > > FWIW I have no problem putting a UFS2 filesystem on a DVD-R without > > > geli. > >=20 > > Could you give me the output of: > >=20 > > # ls -l $HOME/backupDVD.img=20 > > # diskinfo -v /dev/acd0 > > # geli dump /dev/acd0 > >=20 >=20 >=20 > # ls -l /home/t/dvd.img > -rw-r--r-- 1 bob bob 4613734400 Mar 21 13:15 /home/t/dvd.img >=20 > # diskinfo -v /dev/acd0 > /dev/acd0 > 2048 # sectorsize > 4613734400 # mediasize in bytes (4.3G) > 2252800 # mediasize in sectors >=20 > # geli dump /dev/acd0 > Cannot read metadata from /dev/acd0: Invalid argument. > Not fully done. >=20 > ------------------------------------------------- >=20 > If I run the last command on the image file's md device instead: >=20 > # geli dump /dev/md0 > Metadata on /dev/md0: > magic: GEOM::ELI > version: 3 > flags: 0x0 > ealgo: AES-CBC > keylen: 256 > provsize: 4613734400 > sectorsize: 512 The problem is different size between CD and your image. Try to create image with -S 2048 option. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --reSNjdE3Iylkp4B8 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFGGFTKForvXbEpPzQRAphXAKDr3z+FHHwC6muCUodG0ch62zrzKgCdGeZh krwLp3nv42KzCXzRvzZWZnU= =bdhK -----END PGP SIGNATURE----- --reSNjdE3Iylkp4B8--