From owner-freebsd-questions@FreeBSD.ORG Sat Nov 15 15:01:29 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 79AEA1065674 for ; Sat, 15 Nov 2008 15:01:29 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: from mail-gx0-f13.google.com (mail-gx0-f13.google.com [209.85.217.13]) by mx1.freebsd.org (Postfix) with ESMTP id 198458FC13 for ; Sat, 15 Nov 2008 15:01:29 +0000 (UTC) (envelope-from yury.michurin@gmail.com) Received: by gxk6 with SMTP id 6so531501gxk.19 for ; Sat, 15 Nov 2008 07:01:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=zX01IGvmVsggp9hNfs9Yg7cH7ZjRkDe+NbC+fSuEvPw=; b=o5i95LLRxjw3PUq30j3nL5OsEihYnQ8mMnoXUOLgqjpy5IBzXL/s0jAR/fnQffZfjo YalPFG/1vns2S4y4sF7PZdkcQVgS+dj5EU/UfoEMsB2rlaHwz80n+4CvcMxY4b5XvXWO p9zCQ8yYqUqK6Fbs39ywFxyyLtK7xBCG7GYg0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=mlb3Liu/9Dkgv/hO86KswELORWl/VRixwyflVbfo4rDCsThy8OvcgmcIGqh7OGqIPC 7/pfajdItpnRUiJQ33NqNWhpxsTS/cPCPR9u2JhubMlqhhIVYLD2Lu3+hsZPbdPKwTkV wAnfGRKDAiDex7qBKi5HqG0+Tszsy8NZ7f4rw= Received: by 10.64.10.2 with SMTP id 2mr2051387qbj.76.1226761288038; Sat, 15 Nov 2008 07:01:28 -0800 (PST) Received: by 10.64.204.14 with HTTP; Sat, 15 Nov 2008 07:01:27 -0800 (PST) Message-ID: <692c9a9f0811150701r48213a62m7c18e218a4f4dbe@mail.gmail.com> Date: Sat, 15 Nov 2008 17:01:27 +0200 From: "Yury Michurin" To: "FreeBSD Questions" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: switching root-fs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 15 Nov 2008 15:01:29 -0000 Hello, I want to create a system, that will minimal boot, start only sshd, then I connect via ssh, verify system integrity and mount an encrypted partition(s). What I have so far: FreeBSD-7.1-BETA2 I've created one (1gb) a parition that mirrored over 3 drives, swap b partition on the 3 drives, and another d partition that encrypted with geli, on top of it there's a ZFS with the copy of a partition, i can't make ZFS mount as / so i just made tank/usr mount as /usr etc. I hope you will provide me some information regarding: 1. So far i haven't noticed that the system became unstable, I guess it's due the fact the proccess started before the new mount points are able to access the "boot" filesystem, but should i expect any problems with init proccess? 2. How can I still access the "boot" filesystem i used the boot after I create the new filesystems? Lets say i want to re-build world and I want to sync the boot partition with the new system. 3. Is there any simplier method of creating a full disk encryption with the abilty of providing the keys remotly over ssh/ssl? Thank you for your time and assitence, Yury.