geli authentication algo and newfs weirdness

Vinny vinny-mail-01+f.questions20080919 at
Sat Sep 20 18:50:09 UTC 2008

Wojciech Puchar wrote:
>> the/root{156}~# geli init -a hmac/sha256 /dev/da1
>> Enter new passphrase:
>> Reenter new passphrase:
>> the/root{157}~#
>> the/root{157}~# geli attach da1
>> Enter passphrase:
> check what is default (and possibly minimum) sector size for hmac/sha256
> fragment size of UFS can't be less
> _______________________________________________

 From the geli dump output I supplied, it looks like the
sector size is 512.

the/root{110}~# geli dump -v da1
Metadata on da1:
      aalgo: HMAC/SHA256
   provsize: 160041885696
sectorsize: 512

newfs is using a fragment size of 2048, it also only sees
half of the disk--76G instead of 152G

the/root{163}~# newfs  /dev/da1.eli
/dev/da1.eli: 76313.9MB (156290900 sectors) block size 16384, fragment 
size 2048
         using 416 cylinder groups of 183.77MB, 11761 blks, 23552 inodes.
newfs: can't read old UFS1 superblock: read error from block device: 
Invalid argument

Any other ideas?  Without the authentication, geli
provider sector size is 4096.

Should I specify a fragment size of 512 with newfs -f 512?

Thanks for your help.

More information about the freebsd-questions mailing list