From owner-freebsd-questions@FreeBSD.ORG Fri Sep 5 20:40:17 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B1ADC1065676 for ; Fri, 5 Sep 2008 20:40:17 +0000 (UTC) (envelope-from cemkayali@eticaret.com.tr) Received: from dolphin.defaultdns.com (dolphin.defaultdns.com [208.38.186.200]) by mx1.freebsd.org (Postfix) with ESMTP id 842C98FC12 for ; Fri, 5 Sep 2008 20:40:17 +0000 (UTC) (envelope-from cemkayali@eticaret.com.tr) Received: from [85.101.92.167] (helo=[192.168.0.82]) by dolphin.defaultdns.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Kbhni-0005Il-Ap for freebsd-questions@freebsd.org; Fri, 05 Sep 2008 20:21:02 +0000 Message-ID: <48C1952D.2070001@eticaret.com.tr> Date: Fri, 05 Sep 2008 23:23:09 +0300 From: Cem Kayali User-Agent: Evolution 2.22.3.1 (X11/20080709) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <48C19494.90005@eticaret.com.tr> In-Reply-To: <48C19494.90005@eticaret.com.tr> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - dolphin.defaultdns.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [26 6] / [26 6] X-AntiAbuse: Sender Address Domain - eticaret.com.tr Subject: Re: "geli init -a hmac/sha256" does not work properly X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2008 20:40:17 -0000 Sorry, forgot to mention: This is FreeBSD 7.0 on i386 machine with SATA mode enabled on bios. Regards Cem Kayali, 09/05/08 23:20: > > Hello all there!... > > Once i would like to enable disk encryption with geli approcah, i > noticed following problem: > > > > CASE 1 | SUCCES > ----------------------------------------------------------------------------------------------- > > geli init -b -e aes -l 256 -s 4096 /dev/ad4s1 > This initializes geli without problem, and then once you run > 'bsdlabel -w /dev/ad4s1' it goes as expected. > CASE 2 | FAIL > ----------------------------------------------------------------------------------------------- > > geli init -b -e aes -l 256 -s 8192 /dev/ad4s1 > This initializes geli with a warning message 'sector size is > bigger than the page size' and also 'bsdlabel -w /dev/ad4s1' fails > with following notice: 'bsdlabel: /dev/ad4s1 read: invalid argument' > > CASE 3 | FAIL > ----------------------------------------------------------------------------------------------- > > geli init -b -e aes -l 256 -s 4096 -a hmac/sha256 /dev/ad4s1 > This initializes geli with a warning message 'sector size is > bigger than the page size' and also 'bsdlabel -w /dev/ad4s1' fails > with following notice: 'bsdlabel: /dev/ad4s1 read: invalid argument' > > In short, if i enable 'data integrity verification' or if i increase > 'sector size', 'bsdlabel -w' gives error message. > > > > I thank you in advance for advises. > > > Regards, > Cem >