From owner-freebsd-questions@FreeBSD.ORG Sat Dec 23 16:17:14 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BAEEC16A407 for ; Sat, 23 Dec 2006 16:17:14 +0000 (UTC) (envelope-from aanton@spintech.ro) Received: from smtpx.spintech.ro (hop.spintech.ro [81.180.92.69]) by mx1.freebsd.org (Postfix) with ESMTP id 7B4A713C41A for ; Sat, 23 Dec 2006 16:17:14 +0000 (UTC) (envelope-from aanton@spintech.ro) Received: from smtpx.spintech.ro (clamsmtp [15.0.0.2]) by smtpx.spintech.ro (Postfix) with ESMTP id 8455EC948D; Sat, 23 Dec 2006 18:58:26 +0200 (EET) Received: from [10.0.0.2] (beastie [10.0.0.2]) by smtpx.spintech.ro (Postfix) with ESMTP; Sat, 23 Dec 2006 18:58:26 +0200 (EET) Message-ID: <458D523B.8020505@spintech.ro> Date: Sat, 23 Dec 2006 17:58:51 +0200 From: Alin-Adrian Anton Organization: Spintech Security Systems User-Agent: Mozilla Thunderbird 1.0 (X11/20041229) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Chris References: <4585FDC9.2080802@spintech.ro> <718eeb340612190502k4a378889g2d1327316928da8a@mail.gmail.com> In-Reply-To: <718eeb340612190502k4a378889g2d1327316928da8a@mail.gmail.com> X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: nice Cc: freebsd-questions@freebsd.org Subject: Re: geli load key before rootfs is mounted X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: aanton@spintech.ro List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Dec 2006 16:17:14 -0000 Chris wrote: > I think you maybe running into a bug in 6.1 where the keyboard wont > respond during the boot process. Of course you don't notice because > keystrokes have no visual feedback at password input. > > Try adding this line to "/boot/device.hint" on your boot media: > > hint.kbdmux.0.disabled="1" > > I'm booting an encrypted root file system fine with GELI. > Thank's for the tip. After reinitializing the geli device with -b flag, it works. Before, I used an rc script to geli attach, my mistake. Of course, rc scripts are read after boot. It seems loader.conf contents (which are exactly as before) are somehow ignored if the -b flag for that device is missing. I didn't dig for the details. Without the hint for kbdmux, it freezes. Or at least appears so, because it has no reaction to anything pressed. After adding the hint, it will attach the geli device correctly, however, the kernel fault traps right after that. I'm wondering if this is still a kbdmux issue, perhaps removing it from the kernel is better. -- Alin-Adrian Anton GPG keyID 0x183087BA (B129 E8F4 7B34 15A9 0785 2F7C 5823 ABA0 1830 87BA) gpg --keyserver pgp.mit.edu --recv-keys 0x183087BA "It is dangerous to be right when the government is wrong." - Voltaire