> Gesendet: Freitag, 11. Dezember 2015 um 11:33 Uhr > Von: "Stefan Sperling" <s...@stsp.name> > An: "Alexander Hall" <alexan...@beard.se> > Cc: "Stuart Henderson" <s...@spacehopper.org>, misc@openbsd.org > Betreff: Re: NOT POSSIBLE: Fully encrypted system with keydisk > > On Fri, Dec 11, 2015 at 09:53:48AM +0100, Alexander Hall wrote: > > On December 11, 2015 1:27:52 AM GMT+01:00, Stuart Henderson > > <s...@spacehopper.org> wrote: > > >On 2015-12-10, Stefan Wollny <stefan.wol...@posteo.de> wrote: > > > > >> YES: I did 'bioctl -C force -c C -l /dev/sd0d -k /dev/sd1d softraid0' > > >> YES: I did again 'sh ./MAKEDEV all' to catch the newly created sd2 > > > > > >In the above step, you have run yourself out of space on the > > >ramdisk by creating a load of device nodes that you don't have > > >space for and don't need. > > > > Indeed. In particular, you tend to run out of inodes. > > > > /Alexander > > Yes. That step should be: sh ./MAKEDEV sd2 >
@Alexander, Stefan & Stuart: I can confirm that this was the cause for the error message. Doing it as you advised enabled me to install amd64-current, yet some step is still missing as afer the reboot the system does not come up (stops at the splash screen not entering any boot operation). A few words on my use case: From my customers I get sensible personal data on their customers (not only name/address, but job related information, income statements, ratings, etc.). Loosing the laptop when traveling would be painful but loosing the confidentiality would really hit me. My setup: The laptop has two SSDs - a big one for '/home' and a smaller one (mSata) for the system (plus some spare). The system-SSD (=sd0) has one partiion 'd' which gets unlocked by the keydisk's 'd' partition (=> sd3) The /home-SDD (=sd1) has one partition 'e' which gets unlocked by the keydisk's 'e' partition (=> sd4) On the keydisk (=sd2) there are some more partitions for keys and storage: 'f' to unlock a backup-disk which I use onsite. 'g' and 'h' for future use to unlock other devices (like e.g. USB devices). 'i' an additional RAID partition for other sensible stuff (e.g. passwords for clients' systems which should be accessible in case of emergency from an unencrypted OpenBSD-box as well. @stuart: dd fails with "file system ist full \ dd: /dev/rsd3c: No space left on device" @trondd: Not having an 'a' partition on one of the three devices seemed to be helpful to memorize that this is not a 'normal' partition. No real technical reason otherwise. OK - follow up problem: After the installation on /dev/sd3 (plus setting up /dev/sd4 for /home) I did not reboot but run installboot(8) like so: # /usr/sbin/installboot sd3 This last produced an error message about /usr/mdec/biosboot missing. Mind giving me an other hint on what I might have missed? I searched the man pages but nothing obvious came to me. Has there been some recent changes? TIA. Best, STEFAN BTW: A dmesg from an unencrypted install can be found here: http://marc.info/?l=openbsd-misc&m=144956819405937&w=2
