From owner-freebsd-questions@freebsd.org Tue Feb 26 20:26:42 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 830AC1502B65 for ; Tue, 26 Feb 2019 20:26:42 +0000 (UTC) (envelope-from mh_tahboosh@yahoo.com) Received: from sonic310-48.consmr.mail.gq1.yahoo.com (sonic310-48.consmr.mail.gq1.yahoo.com [98.137.69.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 98D3571A87 for ; Tue, 26 Feb 2019 20:26:41 +0000 (UTC) (envelope-from mh_tahboosh@yahoo.com) X-YMail-OSG: yGtDSaoVM1lnmvEkuxnPZnM9kdQ6mEXGrlO7XT5nEEkNua7Mi0LBsghp30pDZEI XxjxJh2fRSRwdJFML_U00leyu9DKXuHSY_uMveFPy0ulKVqITU3n1MQyk7X72ZuglHQal_zRGDUO rC0WNRTZjd8WjlB04ccD.JduYBjjBMm73ZoNPyMk9h4eDolub4b769TUKmH1ZUAhnlmFZ35u4yRh __esDuT.s7Hqsxa1Vj5jM1if8G0DlVGcY5NYaAQUDdR3crDpEgMi4ZmFeyCdiC5wJm6KmBjY6zry 1BfpAPVHBR8XnwHUKhbZ7CHtCKLY2kf8vXl8auAdVUyRkR8dnzrld3I3Zu3rOpbL_bhdWoZYCgZ7 akXloQTZoKlMO0oQ5mIBK2GsjQaD03yZGYh9nmX_7H1v08qP7iARERPI0S73T.eadlnHz06mHkQ6 uIZ.svm6Bngh1bsmr4lH1OzENc3SDAVgDpxQ1YH9HpRVezP_tFFDRFHKdeRCjOZeB.CFWYxs.hfH 4rTOiic6nA.HyAF2L5CLBK9Hta7w_I8olYWv_OBoVLteQg1Mw7lE0pTSnePn_yT85F42UUM7GlZ8 .tcrJ7iXc5iU2LtrjrRkUKviBPyq0JvXZqptnTDFae8u3tUNJZ.0sxwaFnPwPEWPxKmjPx1dkTOf B1Jc3HHlDKYK49j7XpclNna3JPo6ZvzDrfjfCG313MeydqM9xqePJGHgr47.9AHOzcQMLQenknZv lJPWg9XVBdENEyO4jsKVlU2cYKcEhGiH7l7_aB0PDCCRUjmNaPWOXtUlqbHS55VraLlMVzlUoTqz 9MQ3eoEmn6A3fkIPOFkpDOSLjEz76ANuOikuZ9LHFcb1nWbSuedukPbaHmMd4pRbMWdastmwCvrT Gr2Jp1dadxkh6WxbuFhopORqzV8usHINRImH3o.0_7zgf2yY4fBupgiGoVfRlRfwF_cE1kBT_fcf 4DNAQZ0TxgK_sK76kQP9oj5PFHBLWCRsCNkLxUEpaqeCfv245Kvj4Z7t87BT7DzsTxMa6cvUQHuL BTX2ZU8iNZW8Z7lqcedUp2QigZ2BKFkVaH73EWFAQ25d0I2ZFJybRt1OyxmzZGHEs8HePJuQ0Vw1 Agf2mZd2vXtJu1R2ytmSEtE640XzDH_l1uAD97Uv4bBwG3g9ZYTzfqz9KLCp9xJb3ZiBKzoi. Received: from sonic.gate.mail.ne1.yahoo.com by sonic310.consmr.mail.gq1.yahoo.com with HTTP; Tue, 26 Feb 2019 20:26:34 +0000 Date: Tue, 26 Feb 2019 19:33:54 +0000 (UTC) From: Muhannad Tahboosh To: "freebsd-questions@FreeBSD.org" Message-ID: <2085762699.444207.1551209634464@mail.yahoo.com> Subject: kerberos Mathematical Function MIME-Version: 1.0 References: <2085762699.444207.1551209634464.ref@mail.yahoo.com> X-Mailer: WebService/1.1.13123 YMailNorrin Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36 X-Rspamd-Queue-Id: 98D3571A87 X-Spamd-Bar: / X-Spamd-Result: default: False [-0.92 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.35)[-0.351,0]; R_DKIM_ALLOW(-0.20)[yahoo.com:s=s2048]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr:yahoo.com]; FREEMAIL_FROM(0.00)[yahoo.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-0.88)[-0.884,0]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; NEURAL_SPAM_SHORT(0.98)[0.977,0]; MX_GOOD(-0.01)[cached: mta6.am0.yahoodns.net]; DKIM_TRACE(0.00)[yahoo.com:+]; RCVD_IN_DNSWL_NONE(0.00)[174.69.137.98.list.dnswl.org : 127.0.5.0]; TO_DN_EQ_ADDR_ALL(0.00)[]; IP_SCORE(0.35)[ipnet: 98.137.64.0/21(1.01), asn: 36647(0.81), country: US(-0.07)]; DMARC_POLICY_ALLOW(-0.50)[yahoo.com,reject]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[yahoo.com]; ASN(0.00)[asn:36647, ipnet:98.137.64.0/21, country:US]; RCVD_COUNT_TWO(0.00)[2]; DWL_DNSWL_NONE(0.00)[yahoo.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Feb 2019 20:26:42 -0000 i need to get the mathematical=C2=A0 function for kerberos using the follow= ing encryption type. kerberos v5. Thank you very much Guide us to The Straight Path From owner-freebsd-questions@freebsd.org Wed Feb 27 02:43:23 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88C9F150CC86 for ; Wed, 27 Feb 2019 02:43:23 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [IPv6:2001:470:0:19b::b869:801b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "www.holgerdanske.com", Issuer "www.holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id D1CC887F2C for ; Wed, 27 Feb 2019 02:43:22 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 ([99.100.19.101]) by holgerdanske.com with ESMTPSA (ECDHE-RSA-AES128-GCM-SHA256:TLSv1.2:Kx=ECDH:Au=RSA:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Tue, 26 Feb 2019 18:43:17 -0800 Subject: Re: Moving raw system image to another drive breaks GELI To: freebsd-questions@freebsd.org References: From: David Christensen Message-ID: Date: Tue, 26 Feb 2019 18:43:13 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Feb 2019 02:43:23 -0000 On 2/26/19 10:00 AM, David Christensen wrote: > I have a computer: > > 2019-02-26 09:50:14 dpchrist@ragnar ~ > $ freebsd-version ; uname -a > 11.2-RELEASE-p9 > FreeBSD ragnar 11.2-RELEASE-p9 FreeBSD 11.2-RELEASE-p9 #0: Tue Feb  5 > 15:30:36 UTC 2019 > root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64 > > > I installed to a SanDisk Ultra Fit USB 3.0 16 GB flash drive: > >       Partitioning                      Auto (ZFS) >         Pool Type/Disks                 stripe,da0 >         Pool Name                       zroot >         Force 4K Sectors                YES >         Encrypt Disks                   YES >         Partition Scheme                MBR (BIOS) >         Swap Size                       2g >         Mirror Swap                     NO >         Encrypt Swap                    YES >         Install > > > If I do a raw binary copy of the USB flash drive to a Intel 520 Series > SSD 60 GB with dd(1) and boot the SSD, GELI rejects the passphrase and I > end up at a "mountroot>" prompt. > > > I would like to be able to move raw FreeBSD system images from drive to > drive and have them work. McKusick 2015 p. 214 states "GELI's metadata is found in the last sector of the underlying device or partition". Examine the slice/ partition tables for the USB flash drive: root@ragnar:~ # gpart show da0 da0s1 => 63 30031809 da0 MBR (14G) 63 1 - free - (512B) 64 30031808 1 freebsd [active] (14G) => 0 30031808 da0s1 BSD (14G) 0 4194304 1 freebsd-zfs (2.0G) 4194304 4194304 2 freebsd-swap (2.0G) 8388608 21643200 4 freebsd-zfs (10G) Examine the last sector of MBR primary partition 1, which is also the last sector of the drive: root@ragnar:~ # dd if=/dev/da0 skip=30031871 status=none | hexdump | tee usb-sector-30031871.hexdump 00000000 47 45 4f 4d 3a 3a 45 4c 49 00 00 00 00 00 00 00 |GEOM::ELI.......| Examine the slice/ partition tables for the SSD: root@ragnar:~ # gpart show ada1 ada1s1 => 63 117231345 ada1 MBR (56G) 63 1 - free - (512B) 64 30031808 1 freebsd [active] (14G) 30031872 87199536 - free - (42G) => 0 30031808 ada1s1 BSD (14G) 0 4194304 1 freebsd-zfs (2.0G) 4194304 4194304 2 freebsd-swap (2.0G) 8388608 21643200 4 freebsd-zfs (10G) The last sector of MBR primary partition 1 contains the same binary data as that of the USB flash drive. root@ragnar:~ # dd if=/dev/ada1 skip=30031871 count=1 status=none | hexdump | tee ssd-sector-30031871.hexdump 00000000 47 45 4f 4d 3a 3a 45 4c 49 00 00 00 00 00 00 00 |GEOM::ELI.......| Fetch a copy of the data: root@ragnar:~ # dd if=/dev/ada1 skip=30031871 count=1 of=last-block.bin 1+0 records in 1+0 records out 512 bytes transferred in 0.001179 secs (434316 bytes/sec) Write it to the last sector of the SSD: root@ragnar:~ # dd if=last-block.bin of=/dev/ada1 seek=117231407 1+0 records in 1+0 records out 512 bytes transferred in 0.012096 secs (42327 bytes/sec) Power down, remove USB flash drive, boot SSD -- GELI still broken. Ideas? David