Date: Thu, 6 Apr 2006 08:56:18 +0200 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Adam Wood <aswood@gmail.com> Cc: freebsd-geom@freebsd.org Subject: Re: geli not prompting for password on boot Message-ID: <20060406065618.GC2667@garage.freebsd.pl> In-Reply-To: <77518d100604051833u92d3581mbd1dc90dfe8f5638@mail.gmail.com> References: <77518d100604051833u92d3581mbd1dc90dfe8f5638@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--KdquIMZPjGJQvRdI Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Apr 05, 2006 at 08:33:55PM -0500, Adam Wood wrote: +> Hello, +>=20 +> I've recently began researching GELI and disk-encryption altogether +> and have run into a problem. +>=20 +> I've created a bootable media with the 6.0-RELEASE kernel with all the +> standard modules. It also has geom_eli_load=3D"YES" in loader.conf. I +> also have the following /etc/fstab in the boot media: +>=20 +> # Device Mountpoint FStype Options Dump = Pass# +> /dev/ad0.elib none swap sw 0 0 +> /dev/ad0.elia / ufs rw 1 1 +> /dev/ad0.elie /tmp ufs rw 2 2 +> /dev/ad0.elif /usr ufs rw 2 2 +> /dev/ad0.elid /var ufs rw 2 2 +>=20 +> I created /dev/ad0.eli via the following: +>=20 +> geli init -b -l 256 /dev/ad0 +>=20 +> and the partitions: +>=20 +> bsdlabel -w /dev/ad0.eli +> bsdlabel -e /dev/ad0.eli +>=20 +> However, when I boot, I can see that geom_eli is loaded, but it does +> not ever ask me for the password. I believe that is the point of the +> -b argument I supplied to the geli init command. +>=20 +> When I boot I am greeted with the following error: +>=20 +> Trying to mount root from ufs:/dev/ad0.elia +>=20 +> Manual root filesystem specification: +> <fstype>:<device> Mount <device> using filesystem <fstype> +> eg. ufs:da0s1a +> ? List valid disk boot devices +> <empty line> Abort manual input +>=20 +> mountroot> +>=20 +> Any help you could provide would be much appreciated. Which FreeBSD version are you using? There could be a race in earlier versions where geli stops waiting for providers before they actually show up. You increase debug level to 1 by adding: kern.geom.eli.debug=3D1 to the /boot/loader.conf and see when message "Tasting no more." is printed. This problem is fixed in 6-STABLE and will be also in 6.1-RELEASE. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --KdquIMZPjGJQvRdI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFENLuSForvXbEpPzQRAoDdAKDN3YyUBh+6SDrqr/cynN9ggqjNqACdGQi8 N+7jXx3PCLvUVBcAb1eO3x0= =oOCp -----END PGP SIGNATURE----- --KdquIMZPjGJQvRdI--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060406065618.GC2667>