Encrypt mirrored device with geli fails
mymailfloods at googlemail.com
Thu Sep 6 08:12:36 PDT 2007
# uname -a
FreeBSD 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007
root at dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
# cat /boot/loader.conf
Swap space is encrypted by appending '.eli' to /dev/mirror/gm0s1b in
/etc/fstab. According to the ouput of swapinfo this works fine.
/dev/mirror/gm0s1a is mounted on /
/dev/mirror/gm0s1d is mounted on /var
/dev/mirror/gm0s1e is mounted on /usr
/dev/mirror/gm0s1f is mounted on /crypt
Here's what caused the error:
# umount /crypt
# dd if=/dev/random of=/root/gm0s1f.key bs=64 count=1
1+0 records in
1+0 records out
64 bytes transferred in 0.000580 secs (110331 bytes/sec)
# geli init -K /root/gm0s1f.key -l 256 -s 4096 /dev/mirror/gm0s1f
Enter new passphrase:
Reenter new passphrase:
# geli attach -k /root/gm0s1f.key /dev/mirror/gm0s1f
MD5 hash mismatch for /dev/mirror/gm0s1f.
I don't know what I'm doing wrong. Was anybody successful in this respect?
I'd appreciate every hint.
More information about the freebsd-geom