Booting a GELI encrypted hard disk

Steve Bertrand iaccounts at
Wed Oct 10 08:15:41 PDT 2007

Daniel Marsh wrote:
> On 10/10/07, Steve Bertrand <iaccounts at> wrote:
>> Hi all,
>> I am voraciously attempting to get a FreeBSD system to boot from a GELI
>> encrypted hard disk, but am having problems.
>> All of my searches lead to the same problem...GELI passphrase can not be
>> entered correctly upon boot. I have tried everything I have found on the
>> web (including disabling 'kbdmux' in the kernel) to no avail.
>> Is there any chance that anyone here has found a resolution to this
>> problem, in the 6.x branch, and if not, has it been looked/resolved
>> within -current?
>> Does anyone have a suggestion for a workaround?
> You could always use a key without a passphrase... unsafe as it is, put the
> key on a usb device that you remove once the machine has booted?

That is what I was going to try next. The 'howtos' I've been reading
require putting many of the boot files on the thumb drive, so would it
even be possible to unmount/remove the usb stick after the machine is
booted up?

If I was to do it this way, I would likely use two separate key files,
on two separate USB sticks.


Thanks for your feedback.


More information about the freebsd-questions mailing list