From owner-freebsd-questions@FreeBSD.ORG Tue Dec 19 13:26:09 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7117816A407 for ; Tue, 19 Dec 2006 13:26:09 +0000 (UTC) (envelope-from phatfish@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.175]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9933543CA3 for ; Tue, 19 Dec 2006 13:26:08 +0000 (GMT) (envelope-from phatfish@gmail.com) Received: by ug-out-1314.google.com with SMTP id o2so1582998uge for ; Tue, 19 Dec 2006 05:26:00 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=SGkL43+xDEP5fIlF8tMrCmvQ/WrQYenCeVtRa2UJ162NyHGNzQhBP4C0xHEkH4c57697D39OwkfnkzdoNp6NFfwN6tkJ/VSYJn3ErCkhYV5g6YfqMFwOjVvOXGKZQVMinXcp9+ckE1xpAw/Uq/85BuvX4IHAc+BbWpRkxShyybg= Received: by 10.82.107.15 with SMTP id f15mr1079379buc.1166533323733; Tue, 19 Dec 2006 05:02:03 -0800 (PST) Received: by 10.82.167.16 with HTTP; Tue, 19 Dec 2006 05:02:03 -0800 (PST) Message-ID: <718eeb340612190502k4a378889g2d1327316928da8a@mail.gmail.com> Date: Tue, 19 Dec 2006 13:02:03 +0000 From: Chris To: aanton@spintech.ro In-Reply-To: <4585FDC9.2080802@spintech.ro> MIME-Version: 1.0 References: <4585FDC9.2080802@spintech.ro> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: geli load key before rootfs is mounted X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Dec 2006 13:26:09 -0000 I think you maybe running into a bug in 6.1 where the keyboard wont respond during the boot process. Of course you don't notice because keystrokes have no visual feedback at password input. Try adding this line to "/boot/device.hint" on your boot media: hint.kbdmux.0.disabled="1" I'm booting an encrypted root file system fine with GELI. On 18/12/06, Alin-Adrian Anton wrote: > I've been playing around with geli and I was wondering if anyone > managed to actually use the feature which loads the keyfile before the > root filesystem is mounted. > > Specifically, to use something similar in /boot/loader.conf: > > geli_da1s3a_keyfile0_load="YES" > geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0" > geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key" > > If it worked, please let me know. I couldn't do it on a 6.1-REL0. > (keeps saying password is wrong, probably because it doesn't "see" the > keyfile). Of course, the .key file is on unencrypted media. > > I appreciate your time and suggestions. > > Thanks,