Date: Sat, 8 Apr 2006 12:38:34 +0200 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Adam Wood <aswood@gmail.com> Cc: freebsd-geom@freebsd.org Subject: Re: geli not recognizing passphrase on boot (was: geli not prompting for password on boot) Message-ID: <20060408103834.GA2135@garage.freebsd.pl> In-Reply-To: <77518d100604071527o8a53760u3dce7b318655e7a9@mail.gmail.com> References: <77518d100604071527o8a53760u3dce7b318655e7a9@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--fUYQa+Pmc3FrFX/N Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 07, 2006 at 05:27:38PM -0500, Adam Wood wrote: +> Hello, +>=20 +> I have tried a new method using the 6.1-BETA4 ISO images. +> Unfortunately, I am still not getting it to work properly. I am, +> however, making slight progress, as it does ask for a passphrase at +> boot. +>=20 +> It does not seem to recognize my passphrase, though. +>=20 +> Here's what I've done: +>=20 +> 1. Booted with 6.1-BETA4 disc 1. +> 2. Launched Fixit with livefilesystem on CD. +> 3. Created symlink /dist/lib to /lib (ln -s /dist/lib /lib) and +> /dist/boot/kernel to /boot/kernel (ln -s /dist/boot/kernel +> /boot/kernel). +> 4. Loaded the geom_eli module (kldload geom_eli). +> 5. Initiated the geli device (geli init -b -s 4096 -l 256 /dev/ad0). +> 6. Attached the new geli device (geli attach /dev/ad0 -- works!). +> 7. Created bsdlabel on new, encrypted disk (bsdlabel -w /dev/ad0). You should bsdlabel -w /dev/ad0.eli. +> 15. Edited boot/loader.conf and added geom_eli_load=3D"YES" and +> kern.geom.eli.debug=3D1. Please add kern.geom.eli.visible_passphrase=3D1 to the loader.conf as well. +> 16. Ran mkisofs -b boot/bootcd -t /tmp/bootcd.iso /newdirectory_containi= ngdirs. +> 17. Burned /tmp/bootcd.iso. +> 18. Rebooted with the new CD as boot device. +>=20 +> It prompts me for the passphrase for ad0, but when I supply it I just ge= t: +>=20 +> GEOM_ELI[0]: Wrong key for ad0. Tries left: 2. +>=20 +> I know I'm typing it correctly, and if I boot back into the install +> disc I can attach just fine. Can you think of anything that would be +> causing this? Does the boot media need /lib? I don't think it does, +> but perhaps I'm wrong. It doesn't. Try to enable visible_passphrase tunable and see if it gets the passphrase you type. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --fUYQa+Pmc3FrFX/N Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFEN5KqForvXbEpPzQRAnAIAKCUXv/FGVHtOOMTalismDS722CX+QCgkz2z dhtLYmAdB+h2p8JuF/8JXKU= =Byeh -----END PGP SIGNATURE----- --fUYQa+Pmc3FrFX/N--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060408103834.GA2135>