From owner-freebsd-questions@FreeBSD.ORG Sat Sep 8 14:05:19 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 17DB116A41A for ; Sat, 8 Sep 2007 14:05:19 +0000 (UTC) (envelope-from mymailfloods@googlemail.com) Received: from wa-out-1112.google.com (wa-out-1112.google.com [209.85.146.182]) by mx1.freebsd.org (Postfix) with ESMTP id DDD7F13C46B for ; Sat, 8 Sep 2007 14:05:18 +0000 (UTC) (envelope-from mymailfloods@googlemail.com) Received: by wa-out-1112.google.com with SMTP id k17so895195waf for ; Sat, 08 Sep 2007 07:05:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=7wPaPBdhR/lanwyXqNXpPhziGSIs0zCixuY7OQBcxng=; b=RX55QFEwVVjZD1pGkcI03ORHsXimko6nUi2UkhT7eXprWg+wVa5+G0bjfiC1mZttvy/0Jyr4vbJG2mTwmNxGpIlaH101RdczV3yP+4ZJ4JbuurE4iEQjU7eO3iyqKJDTVW4ClS9Deh3K6zFGUnKmDFmUL1El2ub6QgjOo1iIBGo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=Qe+5vRWZJlMMoLfKEv1Naqth20CqF3fKSdE5XnabkkABM4H8Ks5Sz+Dh8gdFcgk0GH/6LU4czCN9AZEJagRg7AozCUheKQw3WXH11YFbluLUOoz2iqF5ywovZJsT/NVeMdM29avgE05OjNWahCh4EdTOQpny43S1mWK34MmC5gY= Received: by 10.115.89.1 with SMTP id r1mr2609528wal.1189260318106; Sat, 08 Sep 2007 07:05:18 -0700 (PDT) Received: by 10.115.32.5 with HTTP; Sat, 8 Sep 2007 07:05:18 -0700 (PDT) Message-ID: Date: Sat, 8 Sep 2007 16:05:18 +0200 From: "Thomas Hobbes" To: freebsd-questions@freebsd.org In-Reply-To: <20070908154809.A41025@wojtek.tensor.gdynia.pl> MIME-Version: 1.0 References: <20070906222815.R29129@wojtek.tensor.gdynia.pl> <20070908154809.A41025@wojtek.tensor.gdynia.pl> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: Encrypting mirrored device with geli fails X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Sep 2007 14:05:19 -0000 >> > >>> I was trying to encrypt /dev/mirror/gm0s1f but a "MD5 mismatch" > >> occurred: > >> > >> # umount /crypt > >>> # dd if=/dev/random of=/root/gm0s1f.key bs=64 count=1 > >>> 1+0 records in > >>> 1+0 records out > >>> 64 bytes transferred in 0.000580 secs (110331 bytes/sec) > >> > >> longer.. 32k or so. > > > > > > The same failure occurred. > > magic > > or you did something wrong > > i would do > > gmirror - already done > > geli init -s 2048 -P -K /root/gm0s1f.key /dev/mirror/gm0s1f > > (or -s different, but you will probably use newfs -f 2048) > > geli attach -p -k /root/gm0s1f.key /dev/mirror/gm0s1f > > i am using geli encrpted gmirror, just without keyfile, but password only > on 2 servers. > > example > > [root@serwer ~]# geli status > Name Status Components > mirror/m1.eli N/A mirror/m1 > concat/c.eli N/A concat/c > ad2b.eli N/A ad2b > ad0b.eli N/A ad0b > I did this: # geli clear /dev/mirror/gm0s1f # dd if=/dev/random of=/root/gm0s1f.key bs=32k count=1 # geli init -s 4096 -l 256 -K /root/gm0s1f.key /dev/mirror/gm0s1f # geli attach -k /root/gm0s1f.key /dev/mirror/gm0s1f Again a "MD5 mismatch" occurred. I tried it without a key and the same error occurred. Encrypting with a onetime-key works fine. The error occures also while doing 'geli dump /dev/mirror/gm0s1f'. Any idea what's wrong?