On Sat, Aug 25, 2012 at 05:08:31PM +0200, Erling Westenvik wrote: > On Sat, Aug 25, 2012 at 07:03:42AM -0600, Aaron wrote: > > > > It is possible if you use different partitions on the same drive, however, > > you would have to run -P twice ( once for each volume ). > > > > Sorry for not mentioning that I'm aware about the possibility of having > several mini partitions on the key disk, one for each encrypted machine. > Also, the -P switch in bioctl(4) has nothing to do with the creation of > a key disk since the passphrase is generated automatically when invoking > > # bioctl -C force -c C -l /dev/wd0d -k /dev/sd0d softraid0 > > What I'm looking for is a way to have only one key disk partition for > multiple machines. (Perhaps also a way to manually specify a passphrase > in case of a lost/forgotten key disk, or a way to create a new key disk > in case of a corrupted image. But I may be way out on this one..)
There is no (easy) way of doing either of these things currently. Your best option would be to create multiple partitions and have a keydisk for each crypto volume, but on the same USB key/memory card.
