Boot-time pass for geli on 7.0-BETA2 (and RELENG_7) not working for
me.
Marc Olzheim
marcolz at ilse.net
Tue Nov 6 18:48:17 PST 2007
Hi.
I can't get the kernel to accept my passphrase at boot time.
Excerpt from dmesg:
...
FreeBSD 7.0-BETA2 #0: Tue Nov 6 15:06:03 UTC 2007
root at lapcat.ilse.net:/usr/obj/usr/src/sys/LAPCAT
Preloaded elf kernel "/boot/kernel/kernel" at 0xffffffff808a5000.
Preloaded elf obj module "/boot/kernel/geom_eli.ko" at 0xffffffff808a5288.
Preloaded elf obj module "/boot/kernel/crypto.ko" at 0xffffffff808a58f8.
Preloaded elf obj module "/boot/kernel/zlib.ko" at 0xffffffff808a5f60.
Preloaded ad4s3e:keyfile0 "/boot/keys/ad4s3e.key" at 0xffffffff808a64c8.
Calibrating clock(s) ... i8254 clock: 1193193 Hz
CLK_USE_I8254_CALIBRATION not specified - using default frequency
Timecounter "i8254" frequency 1193182 Hz quality 0
Calibrating TSC clock ... TSC clock: 1496263977 Hz
CPU: Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz (1496.26-MHz K8-class CPU)
Origin = "GenuineIntel" Id = 0x6fd Stepping = 13
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Features2=0xe39d<SSE3,RSVD2,MON,DS_CPL,EST,TM2,SSSE3,CX16,xTPR,PDCM>
AMD Features=0x20100800<SYSCALL,NX,LM>
AMD Features2=0x1<LAHF>
Cores per package: 2
usable memory = 2128379904 (2029 MB)
...
ad4: 114473MB <FUJITSU MHW2120BH 8918> at ata2-master SATA150
ad4: 234441648 sectors [232581C/16H/63S] 16 sectors/interrupt 1 depth queue
GEOM: new disk ad4
battery0: battery initialization done, tried 1 times
GEOM_LABEL: Label for provider ad4s4 is ntfs/HP_RECOVERY.
Enter passphrase for ad4s3e: (probe4:sbp0:0:4:0): error 22
(probe4:sbp0:0:4:0): Unretryable Error
(probe5:sbp0:0:5:0): error 22
(probe5:sbp0:0:5:0): Unretryable Error
(probe6:sbp0:0:6:0): error 22
(probe6:sbp0:0:6:0): Unretryable Error
(probe0:sbp0:0:0:0): error 22
(probe0:sbp0:0:0:0): Unretryable Error
(probe1:sbp0:0:1:0): error 22
(probe1:sbp0:0:1:0): Unretryable Error
(probe2:sbp0:0:2:0): error 22
(probe2:sbp0:0:2:0): Unretryable Error
(probe3:sbp0:0:3:0): error 22
(probe3:sbp0:0:3:0): Unretryable Error
GEOM_ELI: Wrong key for ad4s3e. Tries left: 2.
Enter passphrase for ad4s3e:
GEOM_ELI: Wrong key for ad4s3e. Tries left: 1.
Enter passphrase for ad4s3e:
GEOM_ELI: Wrong key for ad4s3e. No tries left.
SMP: AP CPU #1 Launched!
cpu1 AP:
ID: 0x01000000 VER: 0x00050014 LDR: 0x00000000 DFR: 0xffffffff
lint0: 0x00010700 lint1: 0x00000400 TPR: 0x00000000 SVR: 0x000001ff
timer: 0x000200ef therm: 0x00010000 err: 0x00010000 pcm: 0x00010000
...
Trying to mount root from ufs:/dev/ad4s3a
start_init: trying /sbin/init
Loading configuration files.
No suitable dump device was found.
Entropy harvesting:
interrupts
ethernet
point_to_point
kickstart
.
Starting file system checks:
Setting hostuuid: 434e4637-3332-3352-3451-001b24850b51.
Setting hostid: 0x55ee28a8.
Mounting local file systems:
...
But when trying after boot, "geli attach -k /boot/keys/ad4s3e.key":
GEOM_ELI: Device ad4s3e.eli created.
GEOM_ELI: Encryption: AES-CBC 128
GEOM_ELI: Crypto: software
Then it works fine.
Any ideas ?
Another issue with BETA1.5 was that when disklabeling /dev/ad4s3e.eli
into multiple slices, after newfsing and mounting, I could create files
and fsck the filesystem, but as soon as I created a directory, it caused
a panic. I didn't see that after cvsuping to RELENG_7 then though, so i
assume something was already fixed in that department.
Marc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20071107/a6974121/attachment.pgp
More information about the freebsd-stable
mailing list