Date: Sat, 29 Sep 2012 13:02:26 +0200 From: Fabian Keil <freebsd-listen@fabiankeil.de> To: Martin Laabs <mailinglists@martinlaabs.de> Cc: freebsd-questions@freebsd.org Subject: Re: Kernel asks only for the first GELI passphrase Message-ID: <20120929130226.7df196d2@fabiankeil.de> In-Reply-To: <5066152E.5050709@martinlaabs.de> References: <5066152E.5050709@martinlaabs.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--Sig_/Cw4SPlx0rhaoLbl6fnZ6GvJ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Martin Laabs <mailinglists@martinlaabs.de> wrote: > I have two partitions encrypted with GELI: ada0s2 and ada0s3. The loader= =20 > (located at an unencrypted part of the harddisk) loads the kernel and the= =20 > kernel asks me for the passphrase for ada0s2 to attach it afterwards. > However - my root file system is not at ada0s2.elia but on ada0s3.elia.=20 > Since the kernel did no attach ada0s3 (but the ada0s2 partition) it is al= so=20 > unable to mount the root filesystem which is somewhat bad. > So - is there a way (i.e. a loader.conf entry) how I can tell the loader= =20 > which partition I wanna have attached with a passphrase? Whether or not the kernel requests the passphrase depends on whether or not the BOOT flag (0x2) on the provider is set. You can check with "geli dump" if the flag is already set, and if it isn't, set it with "geli configure -b". For details see geli(8). > I tried to look at the code from the loader but did not find the source=20 > file where the attaching is done. The passphrase is requested by g_eli_taste() in sys/geom/eli/g_eli.c. Fabian --Sig_/Cw4SPlx0rhaoLbl6fnZ6GvJ Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlBm1UQACgkQBYqIVf93VJ2cbQCgzUltr8UY3ZRNgJLmKS78kcC4 zVcAoMbRt7C4eBIyGH0Kiviq0OSoNdvU =oeUk -----END PGP SIGNATURE----- --Sig_/Cw4SPlx0rhaoLbl6fnZ6GvJ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120929130226.7df196d2>