geom_eli stability
McLone
mclone at gmail.com
Tue Oct 25 13:31:33 PDT 2005
While suffering from paranoya attack lately, i wanted to
encrypt my / and /usr, so i read geli(8) and done this:
> newfs /dev/ad3s1a # for unencrypted kernel
> geli init -b -l 256 -s 2048 /dev/ad3s1d
> geli attach /dev/ad3s1d; newfs -U /dev/ad3s1d.eli
> mount /dev/ad3s1d.eli /mnt/new; mkdir /mnt/new/usr
> echo "so_m3 d at .Ta" | md5 | cut -c -23 > /mnt/new/the.key
> cp /mnt/new/the.key / # dunno if it's needed, just guess
> geli init -K /the.key -s 4096 /dev/ad3s1e
> geli attach -k /the.key /dev/ad3s1e; newfs -U /dev/ad3s1e.eli
> mount /dev/ad3s1e.eli /mnt/new/usr
> cd /usr/src && setenv DESTDIR /mnt/new
> make installworld
it panicks here (latest RELENG_6) with vm_?.
Is it known problem, or i should put debug on it and
post exact panic here?
For now i ended with only swap and /home encrypted,
seems stable, but i'm afraid to produce load on it.
p.s. May be sector sizes i fed geli with are bizarre too?
--
wbr, |\ _,,,---,,_ dog bless ya!
` Zzz /,`.-'`' -. ;-;;,_
McLone at GMail dot com |,4- ) )-,_. ,\ ( `'-'
, net- and *BSD admin '---''(_/--' `-'\_) ...translit rawx
More information about the freebsd-current
mailing list