Booting a GELI encrypted hard disk
Pawel Jakub Dawidek
pjd at FreeBSD.org
Thu Oct 25 08:19:11 PDT 2007
On Thu, Oct 25, 2007 at 03:53:34PM +0200, Oliver Fromme wrote:
> > The pen-drive is not needed for your system to run and you can be easly
> > take it with you, which is not always the case for your laptop.
>
> Are you saying that the USB pen-drive can be removed while
> the system is running (after it has booted)? I remember
> that it was impossible in the past to remove the root vnode
> (which in this case would be the /boot file system from the
> pen-drive). Did that change recently? Or is there a way
> to change the system's root vnode from the pen-drive to the
> root file system on the encrypted disk? If so, then how?
The boot directory is different that root file system. /boot/ directory
is only accessed by loader before root file system is mounted. The root
file system can be mounted from encrypted disk, because loader loads the
kernel (and eventually geom_eli.ko module) from the /boot/ directory.
Most of the time /boot/ directory is on the root file system, but there
is no need for that - you can boot from different /boot/ directory and
have different /boot/ directory in your root file system.
--
Pawel Jakub Dawidek http://www.wheel.pl
pjd at FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20071025/b0bce5ed/attachment.pgp
More information about the freebsd-questions
mailing list