disk encryption with geli

Bill Moran wmoran at potentialtech.com
Fri Jul 24 15:38:26 UTC 2009

In response to Stefan Miklosovic <miklosovic.freebsd at gmail.com>:

> hi all
> i am going to encrypt my /home directory
> which is mounted in /etc/fstab like
> /dev/ad0s2f             /home           ufs         rw,noatime
> 2       2
> I did like is wrote in
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html
> everything looks good. ad0s2f.eli appears in /dev and so on. I can mount it,
> umount and so.
> but after reboot, I am dropped to single user mode because of en error
> message which says that
> there is an inconsistency at /dev/ad0s2f
> do i have to encrypt whole ad0 or it is possible to encrypt only my /home?

You can do what you're attempting, I'm doing it in several places without

I suspect that you have the startup config wrong in /etc/rc.conf or in
/etc/fstab.  Make sure you're mounting the encrypted partition in
/etc/fstab (i.e. /dev/ad0s2f.eli and not /dev/ad0s2f) and make sure
you have all the geli startup config in /etc/rc.conf per the document
you referenced.

If that's not enough to help you, please provide your /etc/rc.conf, and
/etc/fstab, along with copy/paste of the exact error message you're

Bill Moran

More information about the freebsd-questions mailing list