Date: Mon, 4 Feb 2013 19:29:36 +0100 From: mhca12 <mhca12@gmail.com> To: Fabian Keil <freebsd-listen@fabiankeil.de> Cc: freebsd-questions@freebsd.org Subject: Re: vfs.root.mountfrom with geli Message-ID: <CAHUOman57P3-E51pOMCYM268PgdSM8XWgZ4m0JnP%2BxVjcGN4YA@mail.gmail.com> In-Reply-To: <20130204182303.59c9ac72@fabiankeil.de> References: <CAHUOmamNgfe3k2rp0tN1toc9U9LGkmsyh6XJCGBwD_ZqBpBakw@mail.gmail.com> <20130204130635.3a66d412@fabiankeil.de> <CAHUOmami4D01OpUiFqkb8F8Cjmt=yTA_qgwHYnNdshyiE_tXDQ@mail.gmail.com> <20130204182303.59c9ac72@fabiankeil.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Feb 4, 2013 at 6:23 PM, Fabian Keil wrote: > mhca12 <mhca12@gmail.com> wrote: > >> On Mon, Feb 4, 2013 at 1:06 PM, Fabian Keil wrote: >> > mhca12 <mhca12@gmail.com> wrote: >> > >> >> I followed the guide on dan.me.uk to install FreeBSD 9.1 amd64 >> >> but I get always stuck because the kernel doesn't ask me for the >> >> passphrase and doesn't find the /dev/gpt/enc.eli where enc is the >> >> label I gave to the root partition. I also tried with /dev/ada0p3.eli >> >> without success. >> >> >> >> Tried the following two /boot/loader.config variations: >> >> 1: >> >> geom_eli_load=3D"YES" >> >> vfs.root.mountfrom=3D=94ufs:/dev/gpt/enc.eli=94 >> >> 2: >> >> geom_eli_load=3D"YES" >> >> vfs.root.mountfrom=3D=94ufs:/dev/ada0p3.eli=94 >> >> >> >> I can geli attach /dev/gpt/enc or /dev/ada0p3 successfully from >> >> the livecd. >> >> >> >> Can you advise me what I might have done wrong or what I >> >> should try? >> >> >> >> https://www.dan.me.uk/blog/2012/05/05/full-disk-encryption-in-freebsd= -9-x-well-almost/ >> > >> > This guide doesn't seem to match your configuration. >> > It uses ada0p3.eli for swapping and additionally uses keyfiles. >> > >> > Without knowing your actual configuration it's impossible to >> > give proper advice. You could check with "geli list ada0p3" if >> > the boot flag is set, but that's obviously just a wild guess ... >> >> Forgot to list my simpler setup: >> ada0p1 freebsd-boot >> ada0p2 freebsd-ufs label boot /boot >> ada0p3 geli freebsd-ufs label enc / >> >> Do I have to set the boot flag for any of them? > > The geli passphrase is only requested at boot time for providers that > have the geli boot flag set (for details see geli(8)). If it isn't set > on ada0p3 it would explain the described behaviour. Fabian thanks a lot. Maybe I forgot -b during geli init but a geli configure -b /dev/ada0p3.eli fixed it. FreeBSD is so well structured and logical in this regard and hopefully in many others as I heard. In vfs.root.mountfrom only =94ufs:/dev/ada0p3.eli=94 works and the /dev/gpt/enc.eli doesn't. Is it supposed to?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHUOman57P3-E51pOMCYM268PgdSM8XWgZ4m0JnP%2BxVjcGN4YA>