geli keyfile not loading at boot
Bernt Hansson
bah at bananmonarki.se
Sat Aug 23 12:58:43 UTC 2014
On 2014-08-20 23:13, Michael W. Lucas wrote:
> On Wed, Aug 20, 2014 at 06:10:51PM +0300, Anton Sayetsky wrote:
>> 2014-08-20 18:05 GMT+03:00 Michael W. Lucas <mwlucas at michaelwlucas.com>:
>>> Hi,
>>>
>>> I have a default FreeBSD 10.0/amd64 install.
>>>
>>> I'm trying to make a GELI device attach at boot. I initialized the
>>> partition with -b, and am prompted at boot. When I try to enter the
>>> passphrase, I keep getting told that it's incorrect. Once I get into
>>> multi-user mode and manually attach the device, it attaches just fine.
>>>
>>> It seems that GELI isn't finding my key file.
>>>
>>> My initial root partition is da0p2. The key is /boot/da1p1.key. The
>>> GELI partition is da1p1. Here's my loader.conf:
>>>
>>> geom_eli_load=YES
>>> geli_da1p1_keyfile0_load="YES"
>>
>> ->>>
>>> geli_da1p1_keyfile0_type="da0p2:geli_da1p1_keyfile0"
>> -<<<
>> This is wrong.
>
> Thanks, Anton. This stuff is poorly documented.
>
>>From looking at
> https://lists.freebsd.org/pipermail/freebsd-geom/2014-June/005944.html,
> it looks like this should work, but it doesn't.
>
> geli_da1p1key_keyfile0_load="YES"
> geli_da1p1key_keyfile0_type="da0p2:geli_keyfile0"
> geli_da1p1key_keyfile0_name="/boot/da1p1.key"
> boot_verbose=1
>
> Any suggestions, folks? Is there a good explanation out there
> anywhere? All I've found are PRs and very specific mailing list posts
> aimed at specific situations. If I can figure out the general case,
> I'll get it in the man page.
This page is quite good.
http://cb.vu/unixtoolbox.xhtml
More information about the freebsd-questions
mailing list