Date:      Mon, 26 Oct 2020 18:25:58 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 250644] Prompting for geli passphrases without geli loaded
Message-ID:  <bug-250644-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250644

            Bug ID: 250644
           Summary: Prompting for geli passphrases without geli loaded
           Product: Base System
           Version: Unspecified
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: phryk-ports@wzff.de

Even without `geom_eli_load="YES"` in /boot/loader.conf (or without any
loader.conf), you are still prompted for the passphrase to any geli
device with the boot flag.

This means you can't boot a FreeBSD image to repair your install if
you don't have physical, serial or kvm access to just press enter
until all the passphrase prompts are gone and the system actually
boots up and is reachable via network.

I'm currently facing this issue at Hetzner and, at least for me,
it represents a major hurdle for setting up and maintaining
encrypted dedicated machines remotely.

If geli isn't loaded (and it shouldn't be by default, right?)
these prompts should just be skipped to allow rescue systems
to actually boot.

I'm on 12.1-RELEASE but I'm pretty sure this behavior is true
for all FreeBSD versions I have come into contact with in the
last decade.

PS: Very unsure of what the right component to select was,
feel free to re-assign it to whatever fits best.

-- 
You are receiving this mail because:
You are the assignee for the bug.