From owner-freebsd-geom@FreeBSD.ORG Sun Apr 8 02:31:21 2007 Return-Path: X-Original-To: freebsd-geom@freebsd.org Delivered-To: freebsd-geom@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 458F016A402 for ; Sun, 8 Apr 2007 02:31:21 +0000 (UTC) (envelope-from fbsd06@mlists.homeunix.com) Received: from mxout-03.mxes.net (mxout-03.mxes.net [216.86.168.178]) by mx1.freebsd.org (Postfix) with ESMTP id 1FE3713C484 for ; Sun, 8 Apr 2007 02:31:19 +0000 (UTC) (envelope-from fbsd06@mlists.homeunix.com) Received: from gumby.homeunix.com (unknown [87.81.140.128]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.mxes.net (Postfix) with ESMTP id B6CCC5194D for ; Sat, 7 Apr 2007 22:31:17 -0400 (EDT) Date: Sun, 8 Apr 2007 03:31:14 +0100 From: RW To: freebsd-geom@freebsd.org Message-ID: <20070408033114.128f7da8@gumby.homeunix.com> In-Reply-To: <20070408003233.GT63916@garage.freebsd.pl> References: <20070408005942.48c10ea8@gumby.homeunix.com> <20070408003233.GT63916@garage.freebsd.pl> X-Mailer: Claws Mail 2.8.1 (GTK+ 2.10.11; i386-portbld-freebsd6.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: Geli Encrypted DVDs X-BeenThere: freebsd-geom@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: GEOM-specific discussions and implementations List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Apr 2007 02:31:21 -0000 On Sun, 8 Apr 2007 02:32:33 +0200 Pawel Jakub Dawidek wrote: > On Sun, Apr 08, 2007 at 12:59:42AM +0100, RW wrote: > > > > In the questions list Roland Smith suggested that a geli encrypted > > dvd could be created by burning the backing file from an geli > > encrypted md device as a disk image. > > > > We were neither able to attach the DVD device though, see: > > > > http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145433.html > > > > Does anyone know if this can be made to work? > > > > FWIW I have no problem putting a UFS2 filesystem on a DVD-R without > > geli. > > Could you give me the output of: > > # ls -l $HOME/backupDVD.img > # diskinfo -v /dev/acd0 > # geli dump /dev/acd0 > # ls -l /home/t/dvd.img -rw-r--r-- 1 bob bob 4613734400 Mar 21 13:15 /home/t/dvd.img # diskinfo -v /dev/acd0 /dev/acd0 2048 # sectorsize 4613734400 # mediasize in bytes (4.3G) 2252800 # mediasize in sectors # geli dump /dev/acd0 Cannot read metadata from /dev/acd0: Invalid argument. Not fully done. ------------------------------------------------- If I run the last command on the image file's md device instead: # geli dump /dev/md0 Metadata on /dev/md0: magic: GEOM::ELI version: 3 flags: 0x0 ealgo: AES-CBC keylen: 256 provsize: 4613734400 sectorsize: 512 keys: 0x01 iterations: 61292 Salt: bdf68c63c63839100061f7bca0dbf6351065119f0679945dc13b53b418e739ff73492a158f300a165df449f37d6b4359efb21b6f5201fcf2fc6acf1af29850b1 Master Key: 9f8eaf77c0183b09dca50be0d25a15979aec2cf02dc53870f0b55bcdd911b663fcbfeab0a5567fe7da89ea88a7068a5ab30806b966734e385c43a47cc074156638fca0dc41c3bc27ca8cc52ff5ffac837d8bc116f9a434b2dbf6c520ed5fc1b14ece00e9972b3b1062491db16aa40486ce05c1969b642b9436cbfab472ba581a9600e4390b27913bca1b8e74b9a2c610e162948f947d4c14c657968cd1f712f66fd3352ba3a92454a4b190c289a338698273a85fe934db31d8e5d700afee430b4589fa642882caea6509762f63de82be69f9af78c05b73f4419a523ee6ac8b18340cb3bc5491e3d7b17b5682f515f44d00044db05e23f451720348b1a3c0669875f0cd3784269786c32c4b4e501a612bbbb7dbc68ea54e9c6049d402129f9535a1e20b0d1e15b590144f9eacac28f65a04713e2f8fe335dc33e0887a12af8d9740855cbf4e9e42b0ea36532940d0d466f2c5b95e6f04a4ccf296df5ad09f768682b97b9a92733f0a40c85f86509af309e4e52108ada13c484a089516a3249252 MD5 hash: c491b5d6c87206b6e6d3783dde568fb7