From owner-freebsd-geom@freebsd.org Thu Oct 25 10:25:15 2018 Return-Path: Delivered-To: freebsd-geom@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 750D31037BDB for ; Thu, 25 Oct 2018 10:25:15 +0000 (UTC) (envelope-from mikey@usa.com) Received: from mout.gmx.com (mout.gmx.com [74.208.4.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.com", Issuer "GeoTrust RSA CA 2018" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 00E5A7AFFD for ; Thu, 25 Oct 2018 10:25:14 +0000 (UTC) (envelope-from mikey@usa.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mail.com; s=dbd5af2cbaf7; t=1540463114; bh=RpEguDkqaO2567tZs8pVCOdlRiUY98Gyvyjv7XOaW3U=; h=X-UI-Sender-Class:From:To:Subject:Date; b=FMCYxB+A3F3QaMgXKOj2mcnsKbxyeTruakd1ByXTeiAAuuqiL3tGWElKAAMC7pQik 6/YZh1aA4wNae5ZjdTLlCGflS1PNn25fzd699b0JFifStYzyoot7YuL4ox0Ps4OTaM EMq+qKso7xJ9eral7lg+XvQfbswcfMgXl7Db+4uA= X-UI-Sender-Class: 214d933f-fd2f-45c7-a636-f5d79ae31a79 Received: from [81.108.220.86] ([81.108.220.86]) by web-mail.mail.com (3c-app-mailcom-lxa11.server.lan [10.76.45.12]) (via HTTP); Thu, 25 Oct 2018 12:25:14 +0200 MIME-Version: 1.0 Message-ID: From: "Michael .." To: freebsd-geom@freebsd.org Subject: GELI without passphrase on ZFS root Content-Type: text/plain; charset=UTF-8 Date: Thu, 25 Oct 2018 12:25:14 +0200 Importance: normal Sensitivity: Normal Content-Transfer-Encoding: quoted-printable X-Priority: 3 X-Provags-ID: V03:K1:uWzNfnoEoRupCuaZkhWbF6d8tEkD/53RKYrT+IIdk3R0e56yfeBxzsEFa0HzEKtdryKwQ LWS9ABk2I+2JD4QKGIOi54JX8+bV7aZXsX/oE+393e6jCLPbqCRxJC8T/ZwIkVBxa0YdUp8bgZ21 7JVyTkr0utpy/QVus7Z+yjbQCyoPiTBAqWCdr9PC0OrACizbJNwodne93S97tribY84WQ9LOCu78 V1/4GHbQ1rWnN12tdKyY4W4SxplFnJnvmOr50oHAKgueXOKNMBP9buOdAF33F/y2egh3yIGrtifH lo= X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V01:K0:rRNwanP1veo=:NhcMBTJopoi4JJuMVJBedN B/mBCfEyyso2zDZdxGXP54kPuyoj0wpiatiiq06Utc82Swr+v9nZXFBWnI6xTROWFIcICHw6R +u68UIIFT6XUtwQD6+Cdc0GY48sW7OGp/8MxBcmnE90vcblNMx5F0V53A/DeuLhKONdJ2rriw VuQN7oCZMcb8fF2udqaD/8CcYNsWnLzhhjql//71xpzTf83x8KxQWQzIMOM6lPA+nP7Ymm9gJ YJESuxGv9nz+4bgoYq/UQxM+3Fmz6b+fwtV491d59DJvDddfRldky/Rku78s4luvgRqGd+D/G JpdnGYNeoiFGrT+rVXwXB6UNyUjJCER+TFvWYR+Fzxs4pJ+05Um3Dypr3c5TL8p+pRx2MEx1B XtvxyC1frXBbvAbNKLP1rjhrBLZrIXrTp7eHpqxxKQtmli625mO3gdmD6ikdpj04FYWUACx7W Zb8eKNxOrqCImBmbE5WHut0J0hXyBOo2f2IE2wYdCO3CAE8GBYBO X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Oct 2018 10:25:15 -0000 Hi, =C2=A0 Has anyone been able to achieve this? =C2=A0 I installed FreeBSD 11=2E2 using AutoZFS option with encryption turned on= =2E=C2=A0 Passphrase is specified as part of install=2E =C2=A0 I want to switch to only a keyfile and no passphrase: =C2=A0 geli setkey -K /boot/encryption=2Ekey -P /dev/xyz =C2=A0 This completes, but I'm still prompted for passphrase on boot=2E=C2=A0 Not= hing appears accepted by the prompt (as the userkey is using only keyfile n= ow?) =C2=A0 Setting geom_eli_passphrase_prompt=3D"NO" doesn't help=2E =C2=A0 Michael=2E