full disk encryption with geli - where does the stuff in /boot/kernel

Gil Mordron gilmordron at yahoo.com
Mon Apr 11 02:47:34 UTC 2011


I am attempting to set up full disk encryption with GELI, booting from an 
unencrypted thumb drive, using the following PDF by Marc Schiesser as a guide:

http://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf


In section 3.5.5, "The removable medium", it says to copy everything from the 
fixed disk's boot directory to the thumb drive, and then zip up various things 
from the removable disk's boot/kernel directory (the fixed disk is mounted as 
/fixed and the removable as /removable):

# cp -Rpv /fixed/boot /removable
# cd /removable/boot/kernel
# gzip kernel geom_eli.ko acpi.ko

My issue is that there is nothing in /removable/boot/kernel.

Obviously whatever would be there would have come from the
"cp -Rpv /fixed/boot /removable" line, so I checked in /fixed/boot/kernel, and
there's nothing there either.

Presumably whatever would be in /fixed/boot/kernel would have been placed there 
in the previous step, section 3.5.4, which includes:

# mount /dev/ad0.elia /fixed
# export DESTDIR=/fixed/
# cd /dist/6.0-RELEASE/base && ./install.sh

That did create a bunch of stuff on /fixed, including /fixed/boot and even 
/fixed/boot/kernel, but it did not place any files in /fixed/boot/kernel.

One difference that I should mention at this point is that I'm using 8.2, not
6.0, so I actually did a "cd /dist/8.2-RELEASE/base" instead of the
"cd /dist/6.0-RELEASE/base" that the document suggests.  Other than that, I
think I did everything the same as it suggests.

Is there a step missing in the document? Or did I screw something up?

In any case, can I just copy the necessary files to /removable/boot/kernel from 
/dist/boot/kernel instead of from /fixed/boot/kernel? Or do I have to get them 
in some other way? And what files are needed? Obviously kernel, geom_eli.ko, and 
acpi.ko, and I believe that geom_eli.ko requires both zlib.ko and crypto.ko, but 
do I have to get any other files, too?

Thanks in advance for any help.


More information about the freebsd-questions mailing list