ELI passphrase on boot with USB keyboard
lreid at cs.okstate.edu
Fri Jul 27 20:49:44 UTC 2007
Written by Rolf G Nielsen on 07/27/07 15:21>>
> I recently purchased a new USB keyboard, since my old PS/2 one has seen
> its best days. This has caused me annoying problems with my ELI disks,
> I have four SATA harddrives, all of which are encrypted using ELI
> encryption. I've encrypted the raw disks, ad0, ad1, ad2 and ad3. The
> resulting devices ad0.eli, ad1.eli, ad2.eli and ad3.eli, I've
> concatenated into a large device, cc0, on which I have several
> partitions. To get this working, I of course need to boot from a
> separate device, and for that I use an SD card, which holds a boot
> directory. With my old PS/2 keyboard, this worked like a charm, but it
> seems to me, the ukbd driver isnt activated until after the ELI
> encryption, which means I'm unable to enter the passphrases for the
> disks, thus I can't get the computer passed the first passphrase prompt.
> Currently I have both the old keyboard and the new USB one connected. I
> use the PS/2 one to enter the passphrases, then I put it on the floor
> under my desk and use the USB keyboard. As you may very well understand,
> this is quite annoying. Is there a way to get the USB keyboard to work
> at the point where I enter the passphrases?
> I've tried to change the keys for the disks to not use a passphrase, but
> only keyfiles and load them from loader.conf, just as described in the
> GELI man page (yes I did set the -P option), but that simply will not
> work (and to be honest, it's not a solution I'd favour); if I set the -b
> option (ask for passphrase on boot), it still asks for the passphrase,
> though there is none, and if I set the -B option (don't ask for
> passphrase on boot), the computer ends up at the "mountroot>" prompt.
> I'd appreciate any help.
> Rolf Nielsen
Try setting hints.atkbd0.disabled to 1 in the loader, or in the
device.hints file. Your usb keyboard may work in early stages with that
More information about the freebsd-questions