geli not prompting for password on boot

Pawel Jakub Dawidek pjd at FreeBSD.org
Thu Apr 6 06:57:38 UTC 2006


On Wed, Apr 05, 2006 at 08:33:55PM -0500, Adam Wood wrote:
+> Hello,
+> 
+> I've recently began researching GELI and disk-encryption altogether
+> and have run into a problem.
+> 
+> I've created a bootable media with the 6.0-RELEASE kernel with all the
+> standard modules. It also has geom_eli_load="YES" in loader.conf. I
+> also have the following /etc/fstab in the boot media:
+> 
+> # Device                Mountpoint      FStype  Options         Dump    Pass#
+> /dev/ad0.elib           none            swap    sw              0       0
+> /dev/ad0.elia           /               ufs     rw              1       1
+> /dev/ad0.elie           /tmp            ufs     rw              2       2
+> /dev/ad0.elif           /usr            ufs     rw              2       2
+> /dev/ad0.elid           /var            ufs     rw              2       2
+> 
+> I created /dev/ad0.eli via the following:
+> 
+> geli init -b -l 256 /dev/ad0
+> 
+> and the partitions:
+> 
+> bsdlabel -w /dev/ad0.eli
+> bsdlabel -e /dev/ad0.eli
+> 
+> However, when I boot, I can see that geom_eli is loaded, but it does
+> not ever ask me for the password. I believe that is the point of the
+> -b argument I supplied to the geli init command.
+> 
+> When I boot I am greeted with the following error:
+> 
+> Trying to mount root from ufs:/dev/ad0.elia
+> 
+> Manual root filesystem specification:
+>  <fstype>:<device> Mount <device> using filesystem <fstype>
+>                                  eg. ufs:da0s1a
+> ?                           List valid disk boot devices
+> <empty line>          Abort manual input
+> 
+> mountroot>
+> 
+> Any help you could provide would be much appreciated.

Which FreeBSD version are you using? There could be a race in earlier
versions where geli stops waiting for providers before they actually
show up. You increase debug level to 1 by adding:

kern.geom.eli.debug=1

to the /boot/loader.conf and see when message "Tasting no more." is
printed.

This problem is fixed in 6-STABLE and will be also in 6.1-RELEASE.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-geom/attachments/20060406/92dd04a5/attachment.pgp


More information about the freebsd-geom mailing list