From owner-freebsd-questions@FreeBSD.ORG  Tue Dec 19 13:26:09 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 7117816A407
	for <freebsd-questions@freebsd.org>;
	Tue, 19 Dec 2006 13:26:09 +0000 (UTC)
	(envelope-from phatfish@gmail.com)
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.175])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9933543CA3
	for <freebsd-questions@freebsd.org>;
	Tue, 19 Dec 2006 13:26:08 +0000 (GMT)
	(envelope-from phatfish@gmail.com)
Received: by ug-out-1314.google.com with SMTP id o2so1582998uge
	for <freebsd-questions@freebsd.org>;
	Tue, 19 Dec 2006 05:26:00 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references;
	b=SGkL43+xDEP5fIlF8tMrCmvQ/WrQYenCeVtRa2UJ162NyHGNzQhBP4C0xHEkH4c57697D39OwkfnkzdoNp6NFfwN6tkJ/VSYJn3ErCkhYV5g6YfqMFwOjVvOXGKZQVMinXcp9+ckE1xpAw/Uq/85BuvX4IHAc+BbWpRkxShyybg=
Received: by 10.82.107.15 with SMTP id f15mr1079379buc.1166533323733;
	Tue, 19 Dec 2006 05:02:03 -0800 (PST)
Received: by 10.82.167.16 with HTTP; Tue, 19 Dec 2006 05:02:03 -0800 (PST)
Message-ID: <718eeb340612190502k4a378889g2d1327316928da8a@mail.gmail.com>
Date: Tue, 19 Dec 2006 13:02:03 +0000
From: Chris <phatfish@gmail.com>
To: aanton@spintech.ro
In-Reply-To: <4585FDC9.2080802@spintech.ro>
MIME-Version: 1.0
References: <4585FDC9.2080802@spintech.ro>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-questions@freebsd.org
Subject: Re: geli load key before rootfs is mounted
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Dec 2006 13:26:09 -0000

I think you maybe running into a bug in 6.1 where the keyboard wont respond
during the boot process. Of course you don't notice because keystrokes have
no visual feedback at password input.

Try adding this line to "/boot/device.hint" on your boot media:

hint.kbdmux.0.disabled="1"

I'm booting an encrypted root file system fine with GELI.

On 18/12/06, Alin-Adrian Anton <aanton@spintech.ro> wrote:
> I've been playing around with geli and I was wondering if anyone
> managed to actually use the feature which loads the keyfile before the
> root filesystem is mounted.
>
> Specifically, to use something similar in /boot/loader.conf:
>
> geli_da1s3a_keyfile0_load="YES"
> geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0"
> geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"
>
> If it worked, please let me know. I couldn't do it on a 6.1-REL0.
> (keeps saying password is wrong, probably because it doesn't "see" the
> keyfile). Of course, the .key file is on unencrypted media.
>
> I appreciate your time and suggestions.
>
> Thanks,