Date: Tue, 26 Jun 2018 08:23:15 -0500 From: CyberLeo Kitsana <cyberleo@cyberleo.net> To: thor <thor@irk.ru>, freebsd-questions@freebsd.org Subject: Re: How to disable GELI selectively? Message-ID: <99c15b36-0a38-38f7-8fa1-53009759d038@cyberleo.net> In-Reply-To: <07733d85-d212-8866-b3eb-56ee42340294@irk.ru> References: <07733d85-d212-8866-b3eb-56ee42340294@irk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 06/18/2018 11:19 AM, thor wrote: > Hello! > > Here I have a computer with 2 HDDs partitioned identically with GELI > encrypted root as in > https://forums.freebsd.org/threads/howto-full-disk-encryption-fast-way.19082/ > > > When I boot the computer it properly asks the passphrase for /dev/ada0p3 > and mounts /dev/ada0p3.eli as a root. > > Then, it asks "Enter passphrase for gptid...." which I don't want since > the second HDD should be attached manually when needed ONLY and all > other time it should be unmounted. I am to press enter enough times to > make me mad. > > I have found > https://lists.freebsd.org/pipermail/freebsd-stable/2012-July/068704.html > but it resolves the problem how to mount /dev/ada1p3.eli on boot but not > how not to mount it. > > kern.geom.eli.tries=0 makes geli not to ask for every passphrase > including /dev/ada0p3 and the boot correspondingly totally fails. > > What should I do? Try running geli configure -b on the root and geli configure -B on all the others. That should set resp. clear the BOOT flag that geli.ko uses to determine which geoms to attach at boot. See the documentation for the 'configure' command in geli(8) for more information. -- Fuzzy love, -CyberLeo <CyberLeo@CyberLeo.Net> Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net Element9 Communications http://www.Element9.net Furry Peace! - http://www.fur.com/peace/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?99c15b36-0a38-38f7-8fa1-53009759d038>