Date: Mon, 4 Feb 2013 18:23:03 +0100 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: mhca12 <mhca12@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: vfs.root.mountfrom with geli Message-ID: <20130204182303.59c9ac72@fabiankeil.de> In-Reply-To: <CAHUOmami4D01OpUiFqkb8F8Cjmt=yTA_qgwHYnNdshyiE_tXDQ@mail.gmail.com> References: <CAHUOmamNgfe3k2rp0tN1toc9U9LGkmsyh6XJCGBwD_ZqBpBakw@mail.gmail.com> <20130204130635.3a66d412@fabiankeil.de> <CAHUOmami4D01OpUiFqkb8F8Cjmt=yTA_qgwHYnNdshyiE_tXDQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/JO4oX.lbv/XvZoDQXUi3vUr Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable mhca12 <mhca12@gmail.com> wrote: > On Mon, Feb 4, 2013 at 1:06 PM, Fabian Keil wrote: > > mhca12 <mhca12@gmail.com> wrote: > > > >> I followed the guide on dan.me.uk to install FreeBSD 9.1 amd64 > >> but I get always stuck because the kernel doesn't ask me for the > >> passphrase and doesn't find the /dev/gpt/enc.eli where enc is the > >> label I gave to the root partition. I also tried with /dev/ada0p3.eli > >> without success. > >> > >> Tried the following two /boot/loader.config variations: > >> 1: > >> geom_eli_load=3D"YES" > >> vfs.root.mountfrom=3D=E2=80=9Dufs:/dev/gpt/enc.eli=E2=80=9D > >> 2: > >> geom_eli_load=3D"YES" > >> vfs.root.mountfrom=3D=E2=80=9Dufs:/dev/ada0p3.eli=E2=80=9D > >> > >> I can geli attach /dev/gpt/enc or /dev/ada0p3 successfully from > >> the livecd. > >> > >> Can you advise me what I might have done wrong or what I > >> should try? > >> > >> https://www.dan.me.uk/blog/2012/05/05/full-disk-encryption-in-freebsd-= 9-x-well-almost/ > > > > This guide doesn't seem to match your configuration. > > It uses ada0p3.eli for swapping and additionally uses keyfiles. > > > > Without knowing your actual configuration it's impossible to > > give proper advice. You could check with "geli list ada0p3" if > > the boot flag is set, but that's obviously just a wild guess ... >=20 > Forgot to list my simpler setup: > ada0p1 freebsd-boot > ada0p2 freebsd-ufs label boot /boot > ada0p3 geli freebsd-ufs label enc / >=20 > Do I have to set the boot flag for any of them? The geli passphrase is only requested at boot time for providers that have the geli boot flag set (for details see geli(8)). If it isn't set on ada0p3 it would explain the described behaviour. Fabian --Sig_/JO4oX.lbv/XvZoDQXUi3vUr Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlEP7pIACgkQBYqIVf93VJ3clwCglJMPbIBX1IMN3vbUmBcPS6CX S8sAoMw1GHLIZtiHgCiMFZeg04j/sC69 =SsGs -----END PGP SIGNATURE----- --Sig_/JO4oX.lbv/XvZoDQXUi3vUr--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130204182303.59c9ac72>