Autoattach geli device but not at startup

RW fbsd06 at mlists.homeunix.com
Wed Nov 7 10:53:48 PST 2007


On Wed, 7 Nov 2007 07:25:35 -0600
Josh Paetzel <josh at tcbug.org> wrote:

> On Wednesday 07 November 2007 07:13:45 am Matthias Fechner wrote:
> > Hi,
> >
> > I have here a setup where some backup directories are mounted
> > encrypted (using geli).
> > rc.conf:
> > geli_devices="ad3"
> > geli_ad3_flags="-k /root/backup1.key"
> > ...
> >
> > But if the system must be rebooted it asks for the password before a
> > network connection is available.
> > The computer has no keyboard by default so it is really a pain to
> > get the system up again.
> >
> > Is there a possibility to do something like that after the reboot:
> > mount /mnt/backup1
> > and mount starts geli and geli will ask for the passphrase?
> >
> > Thanks,
> > Matthias
> 
> This is one of those cases where I would alter the base system a
> bit.  I'd fiddle with the #REQUIRE in /etc/rc.d/geli to get it to
> start after sshd, perhaps change it from initrandom to sshd.  You can
> check to make sure the changes are sane by running rcorder manually.

I suspect they won't be and that you will run into problems with
fsck and mount not being able to find the .eli partitions. 

> If you go this route the console will still prompt for the
> passphrase, but you'll be able to ssh in and run /etc/rc.d/geli start
> manually, which after it ran, would automagically run everything
> after it in rcorder

Wouldn't you have to kill the original /etc/rc.d/geli process?


I think it would just be easier to write a script to handle the
attach, fsck, and mount. 
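
A sketch of the kind of script suggested in the last paragraph, added here as an example and not part of the original message. It assumes the provider has been taken out of geli_devices in rc.conf and that its fstab entry is marked noauto, so boot never waits for a passphrase; the RUN dry-run hook and the function names are hypothetical.

```sh
#!/bin/sh
# Added example: attach, fsck and mount a geli provider by hand after boot.
# Assumptions (not from the original post): the provider is removed from
# geli_devices in rc.conf and its fstab entry carries "noauto", so that
# boot never waits for a passphrase on the console.
# Usage over ssh:  sh geli-backup.sh ad3 /root/backup1.key /mnt/backup1

# RUN is a hypothetical dry-run hook: RUN=echo prints the commands
# instead of executing them.
: "${RUN:=}"

is_mounted() {
    # mount(8) prints "<dev> on <mountpoint> (<options>)" per filesystem
    mount | grep -qF " on $1 "
}

attach_backup() {
    dev=$1 key=$2 mnt=$3
    eli="/dev/${dev}.eli"

    if is_mounted "$mnt"; then
        echo "$mnt is already mounted" >&2
        return 0
    fi
    if [ ! -r "$key" ]; then
        echo "keyfile $key is not readable" >&2
        return 1
    fi
    # Skip the attach if a previous run already created the .eli device.
    if [ ! -e "$eli" ]; then
        # geli prompts for the passphrase on this terminal (the ssh session)
        $RUN geli attach -k "$key" "/dev/$dev" || return 1
    fi
    # A failed attach never gets here; a filesystem that fsck cannot
    # preen is detached again rather than mounted.
    if ! $RUN fsck -p "$eli"; then
        $RUN geli detach "$eli"
        return 1
    fi
    $RUN mount "$mnt"
}

# Only act when called with device, keyfile and mount point.
if [ "$#" -eq 3 ]; then
    attach_backup "$@"
fi
```

Running it with RUN=echo first shows the exact commands without touching the disk.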


More information about the freebsd-questions mailing list