GELI key from a USB disk
Roland Smith
rsmith at xs4all.nl
Sun Jan 20 10:41:04 PST 2008
On Sun, Jan 20, 2008 at 09:25:36PM +0400, Rakhesh Sasidharan wrote:
> I thought this should be easy but its not working ... :(
>
> I have a USB disk /dev/da0. That's got a GELI key. I also have an external
> hard-disk with partitions /dev/da1s1[a-f]. All GELI encrypted.
>
> What I want is that while booting up these encrypted partitions are loaded.
> And their key taken from the da0 USB disk.
>
> I tried the obvious like mounting the USB disk in /etc/fstab and giving it
> a lower pass no. than the encrypted partitions. But turns out that doesn't
> work.
The pass number in /etc/fstab only affects the fsck order.
> FreeBSD tries to attach the GELI partitions before mounting local
> filesystems! Any way to delay this step till after the USB disk is mounted
> and the key available? Or any other suggestions?
It _must_ do so in case any local partitions are encrypted (like e.g my
/home).
What you can do is set the noauto flag for those filesystems, and mount
them be hand, or write a script for it.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080120/377addda/attachment-0001.pgp
More information about the freebsd-questions
mailing list