GELI Swap password on boot
Fabian Keil
freebsd-listen at fabiankeil.de
Thu Nov 8 11:27:19 UTC 2012
Mike Barnard <mike.barnardq at gmail.com> wrote:
> On 8 November 2012 03:30, Michael Sierchio <kudzu at tenebras.com> wrote:
>
> > On Wed, Nov 7, 2012 at 4:20 PM, Mike Barnard <mike.barnardq at gmail.com>
> > wrote:
> > > Hi,
> > >
> > > I am running FreeBSD 9.0-RELEASE and I am experiencing some strange
> > > behaviour with GELI.
> > >
> > > Every time I boot up my computer, I get a request to enter the Encryption
> > > password for swap. swap is not encrypted and should not be asking for an
> > > encryption password.
> > >
> > > I have checked and ensured that there are no providers for geli for the
> > > ada0p3 partition. Any one have pointers on what I could check for to
> > > rectify this.
> >
> > in /etc/fstab you should have:
> >
> > /dev/ada0p3.eli none swap sw
> > 0 0
> >
> > in /etc/rc.conf you should have (something like):
> >
> > geli_swap_flags="-e aes -l 256 -s 4096 -d"
> >
> > /etc/rc.d/encswap will generate a random password
> >
>
> I added that when I booted and was prompted again for a password. What
> puzzles me is that this device is not encrypted. Why is it asking me for a
> password? So I encrypted it and added what you have suggested and it still
> asks me for a password.
Maybe the device contains old geli meta data with the
boot flag set, or garbage that looks like geli meta data.
Try to "geli clear" the device and if it fails "geli init" + "geli clear".
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20121108/e928764d/attachment.sig>
More information about the freebsd-questions
mailing list