Date: Sat, 23 Jan 2010 02:09:14 +0000
From: RW
To: freebsd-questions@freebsd.org
Subject: Re: GELI file systems unusable after "glabel label" operations
Message-ID: <20100123020914.250a1aee@gumby.homeunix.com>
In-Reply-To: <20100123013431.GC35458@slackbox.xs4all.nl>

On Sat, 23 Jan 2010 02:34:31 +0100
Roland Smith wrote:

> On Fri, Jan 22, 2010 at 03:08:00AM -0600, Scott Bennett wrote:
> >
> > Why is that stored in the last sector of the device, rather
> > than in the key file? What is the purpose of the key file if not
> > to hold that type of information?

The keyfile is user generated, usually just some bytes from /dev/random.

> All geom(4) providers use their last sector to store metadata; it's a
> design decision. Probably because the first sector(s) are used for
> boot blocks or filesystem metadata etc.
>
> It would have been possible to store the generated key in the
> user-provided keyfile. But since it is not mandatory to have a
> keyfile (you can also use just a passphrase), it makes more sense to
> use the already provided metadata space in the last sector.

Having it on the last sector allows the auto-detection of geli
partitions. It would be nice to have the option of having the metadata
in a separate metadata file instead of the last sector, to allow geli
partitions to be indistinguishable from securely erased partitions.
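
The auto-detection discussed in this message, as an added example (not code from the thread or from FreeBSD): a Python check of an image file's last sector for a GEOM class magic. The magic strings and the layout (16-byte magic field followed by a little-endian 32-bit version) follow FreeBSD's g_eli.h and g_label.h; the function names, version numbers and sample images are constructed for illustration.

```python
import os
import struct
import tempfile

# GEOM classes start their on-disk metadata with a 16-byte magic field,
# written at the beginning of the provider's last sector.
GEOM_MAGICS = {b"GEOM::ELI": "geli", b"GEOM::LABEL": "glabel"}
SECTOR_SIZES = (512, 4096)  # an image file does not record its sector size; try both


def identify_last_sector(path):
    """Return (class_name, version, sector_size), or None if no GEOM magic is found."""
    with open(path, "rb") as f:
        size = f.seek(0, os.SEEK_END)
        for ssize in SECTOR_SIZES:
            if size < ssize or size % ssize:
                continue  # image cannot consist of sectors of this size
            f.seek(size - ssize)
            sector = f.read(ssize)
            magic = sector[:16].rstrip(b"\0")
            if magic in GEOM_MAGICS:
                (version,) = struct.unpack_from("<I", sector, 16)
                return GEOM_MAGICS[magic], version, ssize
    return None


def make_image(path, sectors, ssize, magic=None, version=0):
    """Write a constructed image: random data, optionally ending in a metadata sector."""
    body = os.urandom(sectors * ssize)  # stands in for ciphertext or a random wipe
    if magic is not None:
        meta = magic.ljust(16, b"\0") + struct.pack("<I", version)
        body = body[:-ssize] + meta.ljust(ssize, b"\0")
    with open(path, "wb") as f:
        f.write(body)


if __name__ == "__main__":
    # Constructed samples; the version numbers are placeholders.
    cases = {
        "geli.img": (b"GEOM::ELI", 4),
        "label.img": (b"GEOM::LABEL", 2),
        "wiped.img": (None, 0),  # random fill only: nothing to detect
    }
    with tempfile.TemporaryDirectory() as d:
        for name, (magic, ver) in cases.items():
            p = os.path.join(d, name)
            make_image(p, 8, 512, magic, ver)
            print(name, identify_last_sector(p))
```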