Hello, smaccal...@protonmail.com (Scott C. MacCallum), 2020.01.28 (Tue) 18:52 (CET): > Thank you for sharing the encrypted home slice resource. I'm looking > forward to giving that a shot.
I'd recommend two slices on the encrypted device. One small one (5GB) and a large one (in my case 850GB). Make the small one the "a" slice and the large one the "d" slice. Mount the small one as $HOME, the large one as $HOME/data (or whatever you like). This way, if you crash your system and fsck(8) needs to be run, you get to access your $HOME fast and not only after fsck has finished on the large slice. Since your $HOME is now on softraid(4) CRYPTO, you need a way do unlock your encrypted device *before* log in. What's you plan for that? Marcus > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > On Tuesday, January 28, 2020 10:38 AM, Gao-Mi Baohao <thrirhraf...@gmail.com> > wrote: > > > Scott: > > > > The last time I messed with it, booting from crypto softraid was not > > supported on macppc (only i386, amd64, and sparc64). The man page > > for softraid ( https://man.openbsd.org/softraid.4 ) seems to confirm > > that this is still the case. > > > > It looks like the openbsd macppc loader simply does not support > > softraid volumes at this time. > > > > Most recently, when I was looking for something similar on an > > aluminum g4 powerbook, I ended up just doing an encrypted home > > slice, unlocked at boot from rc.local (for example, see > > http://astro-gr.org/openbsd-encrypt-home/ ). > > > > On Tue, Jan 28, 2020, 9:57 AM Scott C. MacCallum > > <smaccal...@protonmail.com> wrote: > > > >> Good morning, > >> > >> I have a Titanium PowerBook G4 and I'd like to do full disk > >> encryption before the installation of 6.6. I've referenced: > >> https://www.openbsd.org/faq/faq14.html#softraidFDE and > >> https://ftp.openbsd.org/pub/OpenBSD/6.6/macppc/INSTALL.macppc, > >> making device changes where I think it's appropriate, but after > >> installation I got the infamous blinking Mac folder. > >> > >> I've since successfully installed 6.6 without full disk encryption, > >> so I suspect my failure is a result of picking a correct Open > >> Firmware device-specifier. > >> > >> Has anyone had success with this? > >> > >> Scott
