Dear all, I have tried to look at the doc and through this mailing list to understand where the bootloader is located for a Full Disk Encryption (FDE) install.
There are two devices setup, sd0 and sd1 for the encrypted volume. From the man pages, my current understanding is that when the installer runs installboot sd1 (where sd1 is the where the softraid is attached), then: - the first stage would be installed in the first sectors of the backing disk (installboot -v resports sd0a: would install boot blocks on /dev/rsd0c, part offset 144) - the 2nd stage bootloader in the softraid volume, the man page says "in the storage area oft he softraid volume". If I wanted to check the integrity of the bootloaders against what is in /usr/mdec, how would I go about it? - I know the possible issues with that and with trust, etc. I'm going down a rabbit hole for the sake of learning a few things along the way. Thanks in advance, Thomas
