Autoattach geli device but not at startup

Josh Paetzel josh at tcbug.org
Wed Nov 7 05:25:48 PST 2007


On Wednesday 07 November 2007 07:13:45 am Matthias Fechner wrote:
> Hi,
>
> I have here a setup where some backup directories are mounted
> encrypted (using geli).
> rc.conf:
> geli_devices="ad3"
> geli_ad3_flags="-k /root/backup1.key"
> ...
>
> But if the system must be rebooted it asks for the password before a
> network connection is available.
> The computer has no keyboard via default so it is really a pain to get
> the system up again.
>
> Is their a possibility to do something like that after the reboot:
> mount /mnt/backup1
> and mount starts geli and geli will ask for the passphrase?
>
> Thanks,
> Matthias

This is one of those cases where I would alter the base system a bit.  I'd 
fiddle with the #REQUIRE in /etc/rc.d/geli to get it to start after sshd, 
perhaps change it from initrandom to sshd.  You can check to make sure the 
changes are sane by running rcorder manually.

If you go this route the console will still prompt for the passphrase, but 
you'll be able to ssh in and run /etc/rc.d/geli start manually, which after 
it ran, would automagically run everything after it in rcorder

-- 
Thanks,

Josh Paetzel

PGP: 8A48 EF36 5E9F 4EDA 5A8C 11B4 26F9 01F1 27AF AECB
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071107/16aad29c/attachment.pgp


More information about the freebsd-questions mailing list