Date: Mon, 9 Apr 2012 18:34:10 +0000 From: Fa bio <fa-h-2007@hotmail.com> To: <freebsd-geom@freebsd.org> Subject: Automatic Geli? Message-ID: <COL115-W4014B9D06091DFE170C09BA5370@phx.gbl>
next in thread | raw e-mail | index | archive | help
Hi! Is it possible to recompile geli/kernel to automatically enter with passwor= d and/or key? I=B4ll explain with an example: If you see a cache system called SpeedR (http://www.speedr.com.br/?locale= =3Den)=2C in their site you can download the ISO and burn it to a CD (http:= //www.speedr.com.br/rc/speedr-0...rc18.2-x64.iso) It=B4s very interesting=2C because all partitions are encrypted with Geli= =2C=20 but there is no passphrase to enter at boot time or key directions in loade= r.conf file. If you mount the partition with another FreeBSD you see only /boot dir. All= files are secure! At boot time you can see this: Timecounters tick every 1.000 msec ipfw2 initialized=2C divert enabled=2C nat enabled=2C rule-based forwarding= enabled=2C default to accept=2C logging disabled load_dn_sched dn_sched FIFO loaded load_dn_sched dn_sched PRIO loaded load_dn_sched dn_sched QFQ loaded load_dn_sched dn_sched RR loaded load_dn_sched dn_sched WF2Q+ loaded usbus0: 12Mbps Full Speed USB v1.0 ad0: 20480MB <QEMU HARDDISK 0.10.2> at ata0-master WDMA2=20 ugen0.1: <Intel> at usbus0 uhub0: <Intel UHCI root HUB=2C class 9/0=2C rev 1.00/1.00=2C addr 1> on usb= us0 ad1: 30720MB <QEMU HARDDISK 0.10.2> at ata0-slave WDMA2=20 WARNING: ad0s1 expected rawoffset 0=2C found 63 uhub0: 2 ports with 2 removable=2C self powered GEOM_ELI: Wrong key for ad0s1d. Tries left: 2. ugen0.2: <QEMU 0.10.2> at usbus0 ums0: <Endpoint1 Interrupt Pipe> on usbus0 ums0: 3 buttons and [Z] coordinates ID=3D0 GEOM_ELI: Device ad0s1d.eli created. GEOM_ELI: Encryption: AES-XTS 128 GEOM_ELI: Crypto: software acd0: CDROM <QEMU DVD-ROM/0.10.2> at ata1-slave WDMA2=20 SMP: AP CPU #2 Launched! SMP: AP CPU #3 Launched! SMP: AP CPU #1 Launched! GEOM_ELI: Wrong key for ad0s1cd. Tries left: 2. GEOM_ELI: Cannot create device ad0s1cd.eli. Trying to mount root from ufs:ad0s1d.eli GEOM_ELI: Device ad0s1g.eli created. GEOM_ELI: Encryption: AES-XTS 128 GEOM_ELI: Crypto: software GEOM_ELI: Device ad0s1f.eli created. GEOM_ELI: Encryption: AES-XTS 128 GEOM_ELI: Crypto: software GEOM_ELI: Device ad0s1e.eli created. GEOM_ELI: Encryption: AES-XTS 128 GEOM_ELI: Crypto: software How is it possible? Important: I don't want to get inside this system! I just want to=20 understand how it is possible to automatically mount geli partitions=20 without entering any key or passphrase. I saw many tutorials but they all ask to enter a passphrase! Any ideas? Thanks Felix =09 =
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?COL115-W4014B9D06091DFE170C09BA5370>