"geli: Wrong key" unable to attach in RPi/ARM environment
George Rosamond
george at ceetonetechnology.com
Wed Feb 11 15:53:57 UTC 2015
Brenden Bartelt:
> Hi all,
>
> This a follow up to a previous thread in freebsd-geom where it was
> determined that geli is functional in 11.0-CURRENT and it could be an ARM
> problem.
>
> I have been unable to geli attach in RPi, even with a very simple
> passphrase ("test"). Has anyone had success with this? I have tried on an
> external usb, da0 as well as a partition on the SD card itself, mmcsd0s3.
> The geli init appears to work, and a geli dump reveals that a master key
> was indeed written to the device. What is even more puzzling is that a geli
> onetime will work for the device, so it would appear that geli is
> functional, but something has gone wrong with the master key
> generating/writing/reading operation.
>
> Can anyone shed some light on something I am missing? Is geli not fully
> supported on ARM?
>
> Thanks,
> Brenden
I haven't tried this, but two things:
1. did you try setting the key with -k when you attach?
2. I don't know if he's on this list, but I'm adding pdj@ to the cc.
g
>
> Log:
>
> # uname -a
> FreeBSD raspberry-pi 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r278031: Mon Feb
> 2 02:54:08 UTC 2015
> root at releng2.nyi.freebsd.org:/usr/obj/arm.armv6/usr/src/sys/RPI-B
> arm
>
> # kldstat
> Id Refs Address Size Name
> 8 1 0xc5657000 17000 geom_eli.ko
> 9 1 0xc572e000 2c000 crypto.ko
>
> # geli init mmcsd0s3
> Enter new passphrase:
> Reenter new passphrase:
>
> Metadata backup can be found in /var/backups/mmcsd0s3.eli and
> can be restored with the following command:
>
> # geli restore /var/backups/mmcsd0s3.eli mmcsd0s3
>
> # geli attach mmcsd0s3
> Enter passphrase:
> geli: Wrong key for mmcsd0s3.
>
> # geli dump mmcsd0s3
> Metadata on mmcsd0s3:
> magic: GEOM::ELI
> version: 7
> flags: 0x0
> ealgo: AES-XTS
> keylen: 128
> provsize: 24796725248
> sectorsize: 512
> keys: 0x01
> iterations: 21660
> Salt:
> d2678fa977889263b18cbbb2e5a3151ac8185d9d0bc5dafa548abc4510ca49ce134ef9410cc63a9b0881514d9e9fedb6a3d392ba4096775030d0646fbfb4cce5
> Master Key:
> 4c26413b864d809b7e537e13ad442d22eada3a12ef61cd538f3a2bc9fd3a1dbbe80e19d6a009c51784461380ff150602c31c4910ad63aa52d105fc93b2005f18cd0b187e0e56b44eabc9784a6255e696a9c398653e4ec669cae64961bd7b43d9af01fa0897f84fef1608c632bbb881d418bdf81e637afff4191ceda6ec829f33c93a0cb5ead63ee63e4c4ccc3ee0b076e6f86b05d514c8b006bf8a11e3f78ac658e56bd824d6958747f09f3c8e80861d2f19eed3f334bbcc83aa28a227239c4bd9c4390a9e1acb5aefed4ef4602432359271217bfb9676eb753930f5c9c45899b0f44bdd230517d3238fc9ab9763b2def43658f44fc76094ccb4af54c7c492a790eca0b407adf66fccf2f3b049c874b66d4bbccd4e82fe8a2e79985ae5e1d64affed7ac66808a2bbd9d661b460c2b9acc1bac5a537bc7d862c711c9ca4892fcf3e607b6ee255555b742352483b7ffda80545bd3774f90ff0e74db58ef87c6c050501c0643c3921345df6e6d7a296c7c535ec81468a8a739824673303664a8874
> MD5 hash: f97f3ca1cf95c25144c84a12b10d81ef
>
> # geli onetime mmcsd0s3
> # geli list
> Geom name: mmcsd0s3.eli
> State: ACTIVE
> EncryptionAlgorithm: AES-XTS
> KeyLength: 128
> Crypto: software
> Version: 7
> Flags: ONETIME
> KeysAllocated: 47
> KeysTotal: 47
> Providers:
> 1. Name: mmcsd0s3.eli
> Mediasize: 24796725248 (23G)
> Sectorsize: 512
> Mode: r0w0e0
> Consumers:
> 1. Name: mmcsd0s3
> Mediasize: 24796725248 (23G)
> Sectorsize: 512
> Stripesize: 4194304
> Stripeoffset: 0
> Mode: r1w1e1
> _______________________________________________
> freebsd-arm at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-arm
> To unsubscribe, send any mail to "freebsd-arm-unsubscribe at freebsd.org"
>
More information about the freebsd-arm
mailing list