The thing is: you have to think through the possible attack. In this particular case, we need to think about "multi factor authentication". Typically today reasonably secure machines (like laptops used by banks or major corporations) use 2-factor authentication: to get in, you need to have two things. Typically it is one thing you know (the password, which you have to type in), and one thing you have (like a fingerprint reader, badge reader, USB-connected authentication dongle, or a RSA keyfob that displays secret numbers). What folks here seem to be requesting is zero-factor authentication, which simply makes no sense: It is no longer "authentication" if the system opens it doors, independent of whether the user is legitimate or an attacker. As Chris_H correctly points out, different authentication factors have different security: for example, if you type a password while sitting in the open, someone can see your fingers moving and figure out what you typed; or for example, someone could hit you over the head and take your USB authentication away (or worse, take your fingerprint away, which would really hurt). They also have different convenience: having to type your password every time is a big hassle; and I've seen way too many people have to walk over to the tech support office because they forgot their authentication device at home. We tolerate that risk and inconvenience, for the sake of keeping our data more safe.
So let's talk about the concrete case of an encrypted geli partition:
Example 1: You have a single disk. You use a non-encrypted root file system, which allows the OS to come up. You also have a second encrypted partition, containing data that needs to be secured. On the root file system is a small file, for example in /etc, which contains the geli decryption key (or passphrase or password) in clear text. In the /etc/rc.local script is a command to automatically decrypt the secure file system on every boot. This setup is COMPLETELY INSECURE: anyone who can log in to the machine (or in general, run a process on it) can also get to the "secure" data. Anyone who physically takes that one disk and steals it can read the file that contains the password, and manually decrypt the second partition. Whoever set this up is either a fool or a criminal: they got no security at all, in spite of using encryption. They are either deceiving themselves into believing the system is secure (that would be foolish), or misleading their boss (that would be criminal).
Example 2: Same disk with two partitions (root partition in clear, secure partition encrypted), except the decryption key is not stored on the system at all. Instead, after boot a person needs to walk up to the system, plug in a small USB memory stick that contains the key, wait a second or two for some script that has been waiting in the background to read the key and unlock the secure partition, and then remove the key again and put it back in his pocket. This is reasonably secure, although it relies on having only a single factor: if someone hits the sysadmin over the head and takes the key from his pocket, security has been breached.
Example 2a and 2b: Same as example 2, except that this time the sys admin has to provide the key by typing in a password or passphrase, or by providing *both* the USB stick and the password. This is more secure, in particular when using 2-factor authentication.
Example 3: Same disk with two partitions, but now the machine's server hardware itself is reasonably trusted. For example, it has a device on the motherboard which is an immutable serial number that's cryptographically secure (that's called a TPM in the business), and it has a switch that detects when the case has been opened (to guard against someone inserting something like a spying PCIe card, which snoops on the bus). When the system boots, it contacts a key server, presenting its cryptographically secure serial number, and asserting that the hardware has not been tampered with (the case has not been opened). When the key server receives this message (in the correct form and with the correct data), it sends the decryption key over the network (in a suitably secure manner, with the help of Diffie-Hellman that's doable), and the machine unlocks the second partition. The key server itself is physically highly secure, for example installed in a special rack in the data center, which is placed inside a strong steel case with locked doors, and bolted to the concrete floor. Again, this system is reasonably secure, and it needs no USB stick and no password. However, to get to this convenience, the administrator had to install a highly secure key server, and implement a TPM, trusted network protocols, and all that stuff. This is how really secure cluster computing is done (using self-encrypting disks).
What the original posters seem to want is the really secure system, with the convenience of the high-end key management solution, but without the cost. Sorry, you can't have that. TANSTAAFL.