Date: Sun, 18 Apr 2021 08:32:00 +0100 From: Pete French <petefrench@ingresso.co.uk> To: freebsd-stable@freebsd.org Subject: Re: geli - is it better to partition then encrypt, or vice versa ? Message-ID: <6a61c243-b2ed-42ab-71c7-fdefc69f4e75@ingresso.co.uk> In-Reply-To: <8c11dffb-3e82-a2d2-bc6a-9256bf3e8b4c@denninger.net> References: <c2905507-ea7b-a0ba-a167-8835f600f040@ingresso.co.uk> <8c11dffb-3e82-a2d2-bc6a-9256bf3e8b4c@denninger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17/04/2021 21:18, Karl Denninger wrote: > This also makes "geli groups" trivial in /etc/rc.conf for attachment at > boot time irrespective of whether they physically come up in the same > place (again typically yes, but in the case of a failure or you plug it > into a different adapter.....) Ah, now this interests me. Because I was setting a variable called 'geli_devices=' in /etc/rc.conf to contain all my drives. But then one day I forgot to add one and it worked anyway, and then I subsequently discovered it works even if I dont have that variable at all, so I no longer bother. Never looked into why I dont need it - I suspected it was because all the devices are marked as requiring a password at boot time so it found them via searching for that without needing the variable. But yes, the GPT labelling thing is a very good reason for keeping them partitioned on a physical machine. -pete.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a61c243-b2ed-42ab-71c7-fdefc69f4e75>