mhca12 <mhc...@gmail.com> wrote: > On Mon, Feb 4, 2013 at 1:06 PM, Fabian Keil wrote: > > mhca12 <mhc...@gmail.com> wrote: > > > >> I followed the guide on dan.me.uk to install FreeBSD 9.1 amd64 > >> but I get always stuck because the kernel doesn't ask me for the > >> passphrase and doesn't find the /dev/gpt/enc.eli where enc is the > >> label I gave to the root partition. I also tried with /dev/ada0p3.eli > >> without success. > >> > >> Tried the following two /boot/loader.config variations: > >> 1: > >> geom_eli_load="YES" > >> vfs.root.mountfrom=”ufs:/dev/gpt/enc.eli” > >> 2: > >> geom_eli_load="YES" > >> vfs.root.mountfrom=”ufs:/dev/ada0p3.eli” > >> > >> I can geli attach /dev/gpt/enc or /dev/ada0p3 successfully from > >> the livecd. > >> > >> Can you advise me what I might have done wrong or what I > >> should try? > >> > >> https://www.dan.me.uk/blog/2012/05/05/full-disk-encryption-in-freebsd-9-x-well-almost/ > > > > This guide doesn't seem to match your configuration. > > It uses ada0p3.eli for swapping and additionally uses keyfiles. > > > > Without knowing your actual configuration it's impossible to > > give proper advice. You could check with "geli list ada0p3" if > > the boot flag is set, but that's obviously just a wild guess ... > > Forgot to list my simpler setup: > ada0p1 freebsd-boot > ada0p2 freebsd-ufs label boot /boot > ada0p3 geli freebsd-ufs label enc / > > Do I have to set the boot flag for any of them?
The geli passphrase is only requested at boot time for providers that have the geli boot flag set (for details see geli(8)). If it isn't set on ada0p3 it would explain the described behaviour. Fabian
signature.asc
Description: PGP signature
