From nobody Fri Aug 27 09:10:26 2021 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id ED35117806B7 for ; Fri, 27 Aug 2021 09:10:27 +0000 (UTC) (envelope-from SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl) Received: from smtp-relay-int.realworks.nl (smtp-relay-int.realworks.nl [194.109.157.24]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Gwv7l0Yghz4vwj for ; Fri, 27 Aug 2021 09:10:27 +0000 (UTC) (envelope-from SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl) Date: Fri, 27 Aug 2021 11:10:26 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=klop.ws; s=rw2; t=1630055426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=2QKTiwu5SSncqRayephwYQ4bBBAkB/bt0reSYBPjqe0=; b=bYMAZZAgapuLXgFzBQdraMH8BcQ9fssN72LrhBPOkXhmuH+R7c7e4du9grbnpkIssqSdUQ ldbbQpa9BxxHEH0Bl3+E9ZThUIPgsf1bC+FpwdpXU5qdTa70m3ArfWvySNCwf39akjhEXA HGkQmAK1nWKbm041rHKOIpTmvQzYiGOJhdERECQjXXsimE25zV4wjN+wvYSFVyQAIwJ4uS 8v1RnvRpOpcCEA94t0ImzQYTIg1xayq0/26rYCixyB7C/FDOEqmQrasQkpUCjjHysGhE9G /taED+TRfg/FBVlw+bFxLN2SVkb7ez08AcRP4sBwQ1Bv742vrmSAVFWZyfj1vA== From: Ronald Klop To: FreeBSD CURRENT Message-ID: <149845085.13.1630055426223@localhost> In-Reply-To: References: Subject: Re: Encrypted swap partition no longer encrypted List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_12_1080740010.1630055426170" X-Mailer: Realworks (574.746.c373083) Importance: Normal X-Priority: 3 (Normal) X-Rspamd-Queue-Id: 4Gwv7l0Yghz4vwj X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=klop.ws header.s=rw2 header.b=bYMAZZAg; dmarc=pass (policy=none) header.from=klop.ws; spf=pass (mx1.freebsd.org: domain of "SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl" designates 194.109.157.24 as permitted sender) smtp.mailfrom="SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl" X-Spamd-Result: default: False [-3.20 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[klop.ws:s=rw2]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:194.109.157.0/24:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_SHORT(-1.00)[-0.998]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[klop.ws:+]; DMARC_POLICY_ALLOW(-0.50)[klop.ws,none]; HAS_X_PRIO_THREE(0.00)[3]; RCVD_IN_DNSWL_NONE(0.00)[194.109.157.24:from]; FORGED_SENDER(0.30)[ronald-lists@klop.ws,SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl]; RCVD_COUNT_ZERO(0.00)[0]; RWL_MAILSPIKE_POSSIBLE(0.00)[194.109.157.24:from]; MIME_TRACE(0.00)[0:+,1:+,2:~]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:3265, ipnet:194.109.0.0/16, country:NL]; FROM_NEQ_ENVFROM(0.00)[ronald-lists@klop.ws,SRS0=bVb0=NS=klop.ws=ronald-lists@realworks.nl] X-ThisMailContainsUnwantedMimeParts: Y ------=_Part_12_1080740010.1630055426170 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi, For encrypted swap you can put ".eli" behind the device name in fstab. So change "/dev/ada0p2" to "/dev/ada0p2.eli" in the new fstab and reboot. NB: after encryption is enabled the device is not available as dumpdev anymore. I don't know what caused the change for you. Regards, Ronald. Van: Graham Perrin Datum: vrijdag, 27 augustus 2021 09:57 Aan: FreeBSD CURRENT Onderwerp: Encrypted swap partition no longer encrypted > > Yesterday afternoon I installed FreeBSD-CURRENT to a hard disk drive, whilst it was in a dock on USB, and chose encrypted swap. > > Then, ZFS send and receive to replicate data from a pool that was on the internal drive. Finally, I replaced the internal drive with the one from the dock. > > Now: swap is not encrypted, this was not my intention. > > Might the accident have resulted from an inappropriate change to /etc/fstab followed by a swapon command? > > I did, at one point, activate and boot the wrong boot environment (because `bectl list -c creation` can no longer show the true (original) dates of creation of boot environments that were replicated). > > ---- > > root@mowa219-gjp4-8570p-freebsd:~ # bectl mount default /tmp/huh > Successfully mounted default at /tmp/huh > root@mowa219-gjp4-8570p-freebsd:~ # cat /tmp/huh/etc/fstab > # Device Mountpoint FStype Options Dump Pass# > /dev/da0p1 /boot/efi msdosfs rw 2 2 > /dev/da0p2.eli none swap sw 0 0 > root@mowa219-gjp4-8570p-freebsd:~ # bectl umount default > root@mowa219-gjp4-8570p-freebsd:~ # grep swap /etc/fstab | grep -v \# > /dev/ada0p2 none swap sw,late 0 0 > root@mowa219-gjp4-8570p-freebsd:~ # grep ada0 /etc/rc.conf > dumpdev="/dev/ada0p2" > root@mowa219-gjp4-8570p-freebsd:~ # bectl list -c creation > BE Active Mountpoint Space Created > default - - 789M 2021-08-26 16:33 > n247565-b49ba74deeb-f - - 39.6G 2021-08-26 19:50 > n248685-c9f833abf1d-f NR / 49.3G 2021-08-26 21:13 > 14.0-CURRENT_2021-08-19_045942 - - 1.09G 2021-08-26 22:41 > n248269-941650aae97-e - - 40.5M 2021-08-26 22:54 > n247798-f39dd6a9784-a - - 22.9M 2021-08-26 22:54 > n248139-3a57f08b504-b - - 1.21G 2021-08-26 22:54 > n248478-f3a3b061216-a - - 51.0M 2021-08-26 22:54 > 14.0-CURRENT_2021-08-08_145838 - - 365M 2021-08-26 22:54 > n248269-941650aae97-b - - 524M 2021-08-26 22:54 > n248269-941650aae97-f - - 29.3M 2021-08-26 22:54 > n248478-f3a3b061216-e - - 579M 2021-08-26 22:54 > n248478-f3a3b061216-b - - 56.7M 2021-08-26 22:55 > n247798-f39dd6a9784-e - - 328M 2021-08-26 22:55 > n248269-941650aae97-d - - 260M 2021-08-26 22:55 > n248685-c9f833abf1d-e - - 216M 2021-08-26 22:55 > n247798-f39dd6a9784-j - - 4.98G 2021-08-26 22:55 > n248478-f3a3b061216-d - - 310M 2021-08-26 22:55 > n248478-f3a3b061216-c - - 101M 2021-08-26 22:55 > root@mowa219-gjp4-8570p-freebsd:~ # bectl list | sort > 14.0-CURRENT_2021-08-08_145838 - - 365M 2021-08-26 22:54 > 14.0-CURRENT_2021-08-19_045942 - - 1.09G 2021-08-26 22:41 > BE Active Mountpoint Space Created > default - - 789M 2021-08-26 16:33 > n247565-b49ba74deeb-f - - 39.6G 2021-08-26 19:50 > n247798-f39dd6a9784-a - - 22.9M 2021-08-26 22:54 > n247798-f39dd6a9784-e - - 328M 2021-08-26 22:55 > n247798-f39dd6a9784-j - - 4.98G 2021-08-26 22:55 > n248139-3a57f08b504-b - - 1.21G 2021-08-26 22:54 > n248269-941650aae97-b - - 524M 2021-08-26 22:54 > n248269-941650aae97-d - - 260M 2021-08-26 22:55 > n248269-941650aae97-e - - 40.5M 2021-08-26 22:54 > n248269-941650aae97-f - - 29.3M 2021-08-26 22:54 > n248478-f3a3b061216-a - - 51.0M 2021-08-26 22:54 > n248478-f3a3b061216-b - - 56.7M 2021-08-26 22:55 > n248478-f3a3b061216-c - - 101M 2021-08-26 22:55 > n248478-f3a3b061216-d - - 310M 2021-08-26 22:55 > n248478-f3a3b061216-e - - 579M 2021-08-26 22:54 > n248685-c9f833abf1d-e - - 216M 2021-08-26 22:55 > n248685-c9f833abf1d-f NR / 49.3G 2021-08-26 21:13 > root@mowa219-gjp4-8570p-freebsd:~ # uname -KU > 1400030 1400030 > root@mowa219-gjp4-8570p-freebsd:~ # uname -a > FreeBSD mowa219-gjp4-8570p-freebsd 14.0-CURRENT FreeBSD 14.0-CURRENT #105 main-n248685-c9f833abf1d: Fri Aug 13 20:24:43 BST 2021 root@mowa219-gjp4-zbook-freebsd:/usr/obj/usr/src/amd64.amd64/sys/GENERIC-NODEBUG amd64 > root@mowa219-gjp4-8570p-freebsd:~ # > > > > > ------=_Part_12_1080740010.1630055426170--