From owner-freebsd-questions@freebsd.org Tue Jun 19 13:44:47 2018 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 471FF101AA84 for ; Tue, 19 Jun 2018 13:44:47 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from mx36-out25.antispamcloud.com (mx36-out25.antispamcloud.com [209.126.121.73]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B8D46813EA for ; Tue, 19 Jun 2018 13:44:46 +0000 (UTC) (envelope-from freebsd.ed.lists@sumeritec.com) Received: from [153.92.8.106] (helo=srv31.niagahoster.com) by mx63.antispamcloud.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from ) id 1fVGvz-000BpH-I0; Tue, 19 Jun 2018 15:44:38 +0200 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type: MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=U5puVkEXEhiXd26+CylcDnuxxITY2IAqfLUU3ADguw8=; b=aKV+22r6P8tWX4LtCRctR6/9Kn T76UL3hPemvurrTtyDWA9EWHWgBq/Qjmx4L/l86oHcHzGFmdixFkRQrw6BfHHl/rn4rjk0U/H6KSf OQJJHSEM55GzSndMbERBllxvdgQthcibCt9SiyHGV5B3VxY6TKAsGlBiTnbdgEaRMF5A+Uzex6Qh7 /LA5vU3cqDVNvaJ3hvKmGr4MCfsHNnsBYjKT7btxSVqpN4b/tUSUYSJCsPXve2botVwV3ddW8D8sq mI20UjY8EY+XnEw/Fu7nPK4eMgAyFuOgVttgtK8f5TnEjWLuzTlhBAEPBDVMD6IikY1ETobX2P+jx RNPZHFiQ==; Received: from [114.125.71.15] (port=63722 helo=X220.sumeritec.com) by srv31.niagahoster.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89_1) (envelope-from ) id 1fVGv9-00040L-3Q; Tue, 19 Jun 2018 20:43:46 +0700 Date: Tue, 19 Jun 2018 21:43:41 +0800 From: Erich Dollansky To: thor Cc: freebsd-questions@freebsd.org Subject: Re: How to disable GELI selectively? Message-ID: <20180619214341.46a49211.freebsd.ed.lists@sumeritec.com> In-Reply-To: <16158446-3c89-befe-7b99-644b1002699f@irk.ru> References: <07733d85-d212-8866-b3eb-56ee42340294@irk.ru> <20180619095059.7e3ef341.freebsd.ed.lists@sumeritec.com> <089a5476-0fb5-53ec-8713-033916e556c3@irk.ru> <20180619122434.4384c781.freebsd.ed.lists@sumeritec.com> <16158446-3c89-befe-7b99-644b1002699f@irk.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-OutGoing-Spam-Status: No, score=-0.2 X-AuthUser: freebsd.ed.lists@sumeritec.com X-Originating-IP: 153.92.8.106 X-AntiSpamCloud-Domain: out.niagahoster.com X-AntiSpamCloud-Username: niaga Authentication-Results: antispamcloud.com; auth=pass (login) smtp.auth=niaga@out.niagahoster.com X-AntiSpamCloud-Outgoing-Class: unsure X-AntiSpamCloud-Outgoing-Evidence: Combined (0.13) X-Recommended-Action: accept X-Filter-ID: EX5BVjFpneJeBchSMxfU5gZ61/js20SyQH90NmVkQgF602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO4ke/6vJEnIP4fnPPGqUqMPeDkUa/BoiqWXIV3RPDVRbq+PAvvy80alcxC139TS1LEUW C04XSAzD9BY3jWqrMAxmYJ49B/DE8k0PzQHlHpi2FI/Eie+XPWXdaSJPpTOrKkZG8oN1iDmTG7Hg JoA5koLiVqamZ8M26IAEWi+2Ocx17tX1JIIXdACoWW+Y4L3+WxljVqhxdXV3gQ/G9r9dUY8shrdS UGBqYD1b3O4LgIA2Xf0h6+fHHN3QGYGjjfLUnadwIWiT3ao/LB5r1Ec1MuFvvEOopgDh1Y95jd56 Ml/+RgudzGUUerEAVH/t0RiO6lMivTUZx3kK8MzAkN4umBwDuONzMRaL3IMJceeVmuMY+GQ66azi oBnt+leQ7P/PJa5bnDo24DGtuB2f7cV9tifHJLAog+xhoE1SNtiS0/sc063wNIP86G1MVMUiGxIs WxfbvSsgV4/hTS1NUrycef/Y5Qx4fJOk03R5fJtf/Dv/+wQUdLUpJ8yQFl4N4vBbPEkUi1f0rnWj snnuHqursW2nbyUsYxO/C43KEXEXU3s3xCu8YZEK1gFd+2XEFyhIWvv2EwFMyChA4XSUAxJsdi1J RDTrFfE9hRozNLOfrWUHpiq77+FGt7fvHyvnhwGIS+tWwK2Quda7fUb2So3L8KQpe9MHGkHZShXZ Aw6h+E8YbRM4x74Yz+5fZ5jHY3HwAmbjO41FyBEqIaDudcVplPFessJrJCtkxjp7nKiO6IhjftNh vyz+WEADT057DIb/1dKN/AQp8jpbRraikVXnySSRTpMwAj1yq2r9Rw4WAr7/3jR5NeVaJQBh0uaw l0Cg8htcl5KIkvVnQvfjCHKndSPb0XYhxlDmlAp+X4JfJqT8X181PYFznmq08RgbfGRd6ZVeOGYn G/Abl3llRaIJyDE9IwzapqH0eYYLWxLGvcsI X-Report-Abuse-To: spam@quarantine1.antispamcloud.com X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jun 2018 13:44:47 -0000 Hi, On Tue, 19 Jun 2018 18:35:29 +0800 thor wrote: > =C2=A0% cat /boot/loader.conf > geom_eli_load=3D"YES" > geli_ada0p3_keyfile0_load=3D"YES" > geli_ada0p3_keyfile0_type=3D"ada0p3:geli_keyfile0" > geli_ada0p3_keyfile0_name=3D"/boot/key" I do not understand this ether. It should attach only the partition mentioned above. Can you try the following for the partitions not to attach: geli_adaXp3_keyfile0_load=3D"NO" replacing the X with the real number. Erich > vfs.root.mountfrom=3D"ufs:ada0p3.eli" >=20 > kern.vty=3D"sc" > aesni_load=3D"YES" > nvidia_load=3D"YES" > linux_load=3D"YES" >=20 >=20 >=20 >=20 > On 06/19/18 12:24, Erich Dollansky wrote: > > Hi, > > > > On Tue, 19 Jun 2018 11:39:24 +0800 > > thor wrote: > > =20 > >> The other partitions are NOT in fstab. They are mounted manually > >> with explicit mount and geli attach commands. Moreover, it occurs > >> during a boot well before init gets control and spawns the mount > >> process.=20 > > what is then in your /boot/loader.conf? > > > > Erich > > > > =20 > >> On 06/19/18 09:50, Erich Dollansky wrote: =20 > >>> Hi, > >>> > >>> On Tue, 19 Jun 2018 00:19:01 +0800 > >>> thor wrote: > >>> =20 > >>>> Hello! > >>>> > >>>> Here I have a computer with 2 HDDs partitioned identically with > >>>> GELI encrypted root as in > >>>> https://forums.freebsd.org/threads/howto-full-disk-encryption-fast-w= ay.19082/ > >>>> > >>>> When I boot the computer it properly asks the passphrase > >>>> for /dev/ada0p3 and mounts /dev/ada0p3.eli as a root. > >>>> > >>>> Then, it asks "Enter passphrase for gptid...." which I don't want > >>>> since the second HDD should be attached manually when needed ONLY > >>>> and all other time it should be unmounted. I am to press enter > >>>> enough times to make me mad. > >>>> > >>>> What should I do? > >>>> =20 > >>> just take all other partitions / slices out of /etc/fstab. > >>> > >>> Erich > >>> _______________________________________________ > >>> freebsd-questions@freebsd.org mailing list > >>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >>> To unsubscribe, send any mail to > >>> "freebsd-questions-unsubscribe@freebsd.org" =20 > >> _______________________________________________ > >> freebsd-questions@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-questions > >> To unsubscribe, send any mail to > >> "freebsd-questions-unsubscribe@freebsd.org" =20 > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org"=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"