root mount failure in freebsd 9.2 encrypted disk!

h bagade bagadeh at gmail.com
Sat Nov 23 05:44:54 UTC 2013 

On Thu, Nov 21, 2013 at 11:36 PM, John-Mark Gurney <jmg at funkthat.com> wrote:

> h bagade wrote this message on Thu, Nov 21, 2013 at 12:24 +0330:
> > On Thu, Nov 21, 2013 at 11:37 AM, John-Mark Gurney <jmg at funkthat.com>
> wrote:
> >
> > > h bagade wrote this message on Thu, Nov 21, 2013 at 11:16 +0330:
> > > > I've tried to encrypt my disk in freebsd 9.2 based on the following
> > > guide:
> > > > http://cgarcia.org/posts/FreeBSD-FDE-Install.html
> > > >
> > > > but it failed to mount root and encountered the following error:
> > > > mounting from ufs /dev/ada0p3.eli failed with error 19
> > > >
> > > > I have tried so many ways but all ends in above error. I have done
> the
> > > same
> > > > process in freebsd 8.2 without any problem and I don't know why the
> error
> > > > occurs in freebsd 9.2?!
> > > >
> > > > Does anyone have any idea about this or how I can fix it?
> > >
> > > Did you see the ask for the passphrase on boot option for the
> > > partition?  It's the -b option, and you can fix that w/:
> > > geli configure -b /dev/ada0p3.eli
> > >
> >
> > Thank you so much, my problem is solved by this command.
> >
> > >
> > > The guide you referenced does use the -b in the geli init command...
> > >
> >
> > So -b option on init command doesn't work?!! it was fine with freebsd
> 8.2!
>
> I'd be surprised if it doesn't.  Are you sure you didn't acidentally
> not include the -b on init?  I'm pretty sure it worked when I setup my
> 9.1-PR box, and not much has changed w/ geli...  I'm pretty sure I
> didn't know about configure till I looked it up for you...
>
> Glad it's working though!
>
> --
>   John-Mark Gurney                              Voice: +1 415 225 5579
>
>      "All that I will do, has been done, All that I have, has not."
>

May be problem is somewhere else! The configure command works for the
mentioned guide; but I still have problems with my own way and it doesn't
ask for passphrase when it boots! :( I have checked flags and BOOT flag is
set. Differences between working encrypted disk and non-working based on
"geli list" are:
1- RW-DETACH flag is set for the working one which is not in non-working
2- Mode option in providers part is r1w1e1 for working one and r0w0e0 for
non-working

Also, you mentioned the poor performance of geli in freebsd 9.2. I want to
know if it affects only on boot or entire accesses to disk is influenced?!
In other words, is disk decryption is done on start-up one and disk will
remain unencrypted till the end or encryption/decryption is done on each
disk access?

And the last question, is performance decrease in compare with older
freebsd versions or there is a serious issue?

More information about the freebsd-geom mailing list