This is totally fantastic what jsing@ did, boot(8) can now ask for passphrase for root disk laying on softraid crypto volume. It works OK.
But I didn't know it works with passphrase beforeso I first tried with keydisk... What a surprise, boot(8) could not use key disk for crypto volume (still printing 'Passphrase:'). Is this my PEBKAC/a bug or this feature is still WIP? If boot(8) can ask for passphrase now, can we look forward for dual authentication (keydisk + passphrase) in the future? Is OpenBSD first opensource OS which can boot from totally encrypted crypto volume _by default_? I'm not aware of any other OS which can do it. (Linuxes use ramdisk...). jirib
