On Sat, Aug 25, 2012 at 05:08:31PM +0200, Erling Westenvik wrote:
> On Sat, Aug 25, 2012 at 07:03:42AM -0600, Aaron wrote:
> >
> > It is possible if you use different partitions on the same drive, however,
> > you would have to run -P twice ( once for each volume ).
> >
>
> Sorry for not mentioning that I'm aware about the possibility of having
> several mini partitions on the key disk, one for each encrypted machine.
>
> Also, the -P switch in bioctl(4) has nothing to do with the creation of
> a key disk since the passphrase is generated automatically when invoking

I never intended to imply that -P had anything to do with creation. I
simply meant that you would have to run bioctl with the -P option twice,
once for each partition when changing your passphrase.

>
> # bioctl -C force -c C -l /dev/wd0d -k /dev/sd0d softraid0
>
> What I'm looking for is a way to have only one key disk partition for
> multiple machines. (Perhaps also a way to manually specify a passphrase
> in case of a lost/forgotten key disk, or a way to create a new key disk
> in case of a corrupted image. But I may be way out on this one..)
>

One key disk for multiple machines is impossible from what I understand.
Passphrase fallback is also currently impossible. Creating a backup key
disk can be done with dd:

    dd if=/dev/rsd1c of=keydisk.img bs=1m

Restore with:

    dd if=keydisk.img of=/dev/rsd1c bs=1m