How to disable GELI selectively?
thor
thor at irk.ru
Mon Jun 18 16:19:10 UTC 2018
Hello!
Here I have a computer with 2 HDDs partitioned identically with GELI
encrypted root as in
https://forums.freebsd.org/threads/howto-full-disk-encryption-fast-way.19082/
When I boot the computer it properly asks the passphrase for /dev/ada0p3
and mounts /dev/ada0p3.eli as a root.
Then, it asks "Enter passphrase for gptid...." which I don't want since
the second HDD should be attached manually when needed ONLY and all
other time it should be unmounted. I am to press enter enough times to
make me mad.
I have found
https://lists.freebsd.org/pipermail/freebsd-stable/2012-July/068704.html
but it resolves the problem how to mount /dev/ada1p3.eli on boot but not
how not to mount it.
kern.geom.eli.tries=0 makes geli not to ask for every passphrase
including /dev/ada0p3 and the boot correspondingly totally fails.
What should I do?
Thor
More information about the freebsd-questions
mailing list