Date: Wed, 19 Apr 2006 09:00:03 -0500 From: "Adam Wood" <aswood@gmail.com> To: "Frank J. Beckmann" <frank@barda.agala.net> Cc: freebsd-geom@freebsd.org Subject: Re: How to make a bootable USB stick for booting a geli encryptet hard disk? Message-ID: <77518d100604190700o7b1a3e0en301121517c4d77d1@mail.gmail.com> In-Reply-To: <200604181653.55129.frank@barda.agala.net> References: <200604181653.55129.frank@barda.agala.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I've been working on writing a guide for creating a bootable CD-R for those of us who cannot boot USB devices, but, since you can, you might try this: Boot up the 6.1-RC install CD (disc1) and start the Fixit shell. If you've already built a custom kernel or something on your encrypted disk, you'll need to go through whatever steps necessary to mount it and gain access to its /boot. Otherwise, you can just use the kernel on the boot CD. Prepare the USB device and make it bootable: fdisk -BI /dev/ad0 bsdlabel -Brw /dev/ad0s1 bsdlabel -e /dev/ad0s1 Note that -e invokes $EDITOR, so you might have to set it to the correct pa= th. export EDITOR=3D/dist/usr/bin/vi bsdlabel can be tricky if you're entering it in manually. You don't want to touch the c: listing. You just want to add an a: listing before it, and give it the same values that the c: entry has, except change "unused" to "4.2BSD". Save and exit. Now you need to give it a filesystem: newfs /dev/ad0s1 And mount it: mkdir /mnt mount /dev/ad0s1 /mnt Now copy the kernel: cp -Rp /dist/boot /mnt/ You'll need to create a loader.conf unless you've compiled geom_eli into the kernel: echo geom_eli_load=3D\"YES\" >> /mnt/boot/loader.conf You should also create an etc/fstab file on the root of the USB disk: mkdir /mnt/etc vi /mnt/etc/fstab If you already have an /etc/fstab file on your encrypted disk, this new fstab may only need to contain the root partition location. I could be wrong, though, so you might just include all of the partitions. If you have access to the /etc/fstab on the encrypted disk, it'll probably be easier to just copy it. Afterwards, you should be able to reboot and hope everything works. --adam Note: The commands to prepare the USB disk WILL erase everything on it. I assume you know that. On 4/18/06, Frank J. Beckmann <frank@barda.agala.net> wrote: > Hi, > > I plan to encrypt the whole hard drive with geli. That is reaaly well > documented and every thing went ok. But there is one thing that does not > work. How do I make a bootable USB stick? I need it because the root > partition of the hard drive is encrypted too. I tried to make a bootable = USB > stick with sysinstall and also with fdisk. I tried to do it on my new Ath= lon > 64 board and on and old Pentium III board. The result is always the same: > When I try to boot from the stick the Athlon 64 always says "invalid slic= e". > And the P III always tells my "invalid label". That look like some kind o= f > geometry problem. Can anybody help my please? I'm using FreeBSD 6.1-RC. > > Sorry if this gets posted twice. > -- > Bye > Frank > _______________________________________________ > freebsd-geom@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-geom > To unsubscribe, send any mail to "freebsd-geom-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?77518d100604190700o7b1a3e0en301121517c4d77d1>