Hello
I created an encrypted image disk like this:
I mounted it manually like this:
It works well!
So, I want to persist:
At boot, GELI never ask me the passphrase of my encrypted image disk and the boot process stop when trying to mount /encrypted.
So I commented my entry in /etc/fstab file, then I reboot. Again GELI don't ask me the passphrase and when I can login, I see my md0 is well attached to /encrypted.img.
I think GELI don't ask me the passphrase because he tries to attach /dev/md0 before mdconfig. That's right?
How I can mount my encrypted image disk at boot? Anyone have an idea? It is possible?
Regards
I created an encrypted image disk like this:
Bash:
truncate -s 1G /encrypted.img
mdconfig -at vnode -f /encrypted.img
dd if=/dev/random of=/root/encrypted.key bs=64 count=1
chmod 600 /root/encrypted.key
geli init -s 4096 -K /root/encrypted.key /dev/md0
geli attach -k /root/encrypted.key /dev/md0
newfs -j /dev/md0.eli
I mounted it manually like this:
Bash:
mdconfig -at vnode -f /encrypted.img
geli attach -k /root/encrypted.key /dev/md0
mount -o noatime /dev/md0.eli /encrypted
It works well!
So, I want to persist:
Code:
sysrc -f /boot/loader.conf geom_eli_load=YES
sysrc mdconfig_md0="-t vnode -f /encrypted.img"
sysrc geli_devices=md0
sysrc geli_md0_flags="-k /root/encrypted.key"
echo "/dev/md0.eli /encrypted ufs rw,noatime 0 0" >> /etc/fstab
At boot, GELI never ask me the passphrase of my encrypted image disk and the boot process stop when trying to mount /encrypted.
So I commented my entry in /etc/fstab file, then I reboot. Again GELI don't ask me the passphrase and when I can login, I see my md0 is well attached to /encrypted.img.
I think GELI don't ask me the passphrase because he tries to attach /dev/md0 before mdconfig. That's right?
How I can mount my encrypted image disk at boot? Anyone have an idea? It is possible?
Regards