Using GELI on boot disk with GPT labels?
ben.lavery at hashbang0.com
Sun Jan 12 16:30:29 UTC 2020
I've recently bought my first home server and am planning to run FreeBSD
12.1-RELEASE on it.
I would like to GELI encrypt (password based) all of the hard drives I
put into the server so that if/when they fail I can safely and
confidently dispose of them.
When setting up the server, I followed a number of recommendations to
use GPT labels for disks with a naming scheme that would allow me to
easily identify where failed disks physically are in the server (there
are 12 bays).
However, when I booted up the server after installing on an installer
configured zpool with GELI encryption, I noted that the disk IDs (e.g.
da0p3) was being used, and this seemed to extend to disks in different
I decided to do an experiment in VirtualBox with FreeBSD 12.1-RELEASE:
1. To install FreeBSD on ZFS with GELI encryption
2. To install FreeBSD on ZFS without GELI
(Links above show commands + output/details of installation)
I found that when I didn't use GELI I was able to use GPT labels,
however when I _did_ use GELI GPT labels were not available to me.
Is there a way to encrypt my boot pool _and_ use GPT labels?
If not, I would be interested to learn why.
More information about the freebsd-questions