[Bug 134113] [geli] Problem setting secondary GELI key
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Apr 4 15:16:30 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=134113
Fabian Keil <fk at fabiankeil.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fk at fabiankeil.de
--- Comment #3 from Fabian Keil <fk at fabiankeil.de> ---
By design, geli only stores one iteration count on disk and
as a result, some key combinations are not supported.
Setting both keys to passphrase+keyfile is fine and so is
using a passphrase for one key and passphrase+keyfile for the
other one.
Letting only one of two keys use a passphrase is not supported
because this would require different iteration values which
can't be stored on disk.
Your "workaround" does not actually work around this limitation
because it does not require two different iteration counts.
It could be argued that the error message is a bit cryptic
and that geli.8 should document this limitation more explicitly,
but the fact that you get an error message itself is not a bug.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-geom
mailing list