geli

I have two similar systems I'm testing as database hardware. Both consist of 8x Samsung 860 Pro SSD's attached to LSI9003-8i, 256GB ram, equal chassis/backplane. The only variance is one server is an Epyc 7371, and the other a Xeon Gold 6130. Some snippets to get the lay of the land, first the...

I have two drives which are both geli encrypted and have the same partition scheme. I added both to an zfs mirror pool and created some smaller partitions in that pool. After a reboot im facing these problems: I can decrypt both drives, but only the first decrypted is shown as online and the...

Hello! I have a laptop with FreeBSD on encrypted ZFS. When I try to load with FreeBSD USB stick I always asked for geli passphrase. What is the strange behavior?? It is boot USB drive, isn't it? And if I wish to make a clean FreeBSD install? Tried with nomadBSD - all the same, tried with Arch...

How can I do that? user@serv:~ % l /dev/mirror/mirror 119 crw-r----- 1 root operator - 0x77 Aug 8 14:01:02 2019 /dev/mirror/mirro rc.conf geli_devices="mfid0p8 mirror" geli_mfid0p8_flags="-p -k /root/1.key" geli_mirror_flags="-p -k /root/2.key" mirror/mirror does not work as well.

First time, I have the following error. user@hpv3:/root % sudo dd if=/dev/random of=/root/data1.key bs=64 count=1 1+0 records in 1+0 records out 64 bytes transferred in 0.000215 secs (297142 bytes/sec) user@hpv3:/root % sudo geli init -s 4096 -K /root/da2.key /dev/mfid0p8 Enter new passphrase...

Hello! I have FreeBSD 12 installation with GELI encrypted ZFS root partition (created automatically from the installer). But now, my HW died and I need to import and mount the root filesystem as external disk. How can I mount this GELI encrypted ZFS root partition manually please? Note: In the...

Hello, I'm installing FreeBSD 12.0-Release and I'm using the Shell option in the installer to partition my disk by hand. I have a swap and a root partition. I'm using GPT label to label them, and GELI for the encryption. After completing the installation and rebooting the host, I'm asked for...

Good day! I have a box with FreeBSD 11.1-STABLE r326098 amd64. It have a ZFS root on GELI encrypted providers: zpool status pool: bootpool state: ONLINE scan: none requested config: NAME STATE READ WRITE CKSUM bootpool ONLINE 0 0 0...

Using a live media, I have taken a dd image of my main encrypted zfs GELI FreeBSD partition (not the entire disk) and of the encrypted key file as well. The dd image and the encrypted file are on an external disk now. Now I started FreeBSD normally, I did mdconfig and did a geli attach of the dd...

Can someone clarify how to use removable flash drive with encryption key with new full disc encryption process? The new approach is to encrypt /boot altogether with /root filesystem. So, as I understand, initial encryption performed by EFI loader. Is there a way to pass keyfile to EFI loader...

Hello, I want try to change the US keymap (Stdin?) that GELI uses to input the password. I used the automatic ZFS Geli encryption. Is it possible to change to spanish keyboard? I was reading this: But not solution found. Thanks, I am newbie at Freebsd. Sorry for my English.

Hello, So this is a long story. Last week i've upgraded from a ML110 G5 -> ML110 G6. I've been using FreeBSD for quite a while and been happy with it for a long time. I've read multiple threads about the ML110G6 being unable to use the keyboard at the BSD Bootloader. Thread #1 Thread #2 I've...

I would like to share HOWTO in ??????? ??????? series about fonts and frameworks. ??????? ??????? - ???? ?.? - ??????? ??????? ?? https://vermaden.wordpress.com/2018/11/20/freebsd-desktop-part-2-1-install-freebsd-12/ You may also like earlier articles in the series. Part 1 – Simplified Boot...

Hello everyone! Last week I tried to upgrade from source from 10.3-STABLE to 11.2-STABLE on my laptop but the new kernel (GENERIC) failed to boot. I thought that it might be safer to upgrade from binary, so I built and installed 10.3-RELEASE in order to get freebsd-update working and then I...

Heres how to change the geli password for encrypted zfs root partition find the root partition ls /dev/ | grep eli because i have an encrypted root and swap partition this returns 2 partitions ada0p4.eli and ada0p5.eli so we need to check /etc/fstab to see which partition is the swap and...

Hello, FreeBSD community. I need help with booting from an encrypted partition. Until now, my EFI machine booted from an unencrypted ZFS, while the rest of the system resided on an encrypted ZFS. The layout was like this: /dev/ada0 |- /dev/ada0p1 (efi, 800k) |- /dev/ada0p2...

I set up my FreeBSD-desktop nearly a year ago but with unencrypted disks (please don't ask…). Now I am in the need to encrypt at least the home directory of my user. What would be the best way to do that without reinstalling my system? I have two disks in one zpool-mirror taking up the whole...

Hello! I am setting up a FreeBSD file server with encrypted storage. The root filesystem is on ZFS and the storage disks are encrypted with GELI with ZFS on top of that. Now I want to make it easy for both me and my wife to mount the pool using a password after the server boots. I have created...

FreeBSD 11.1 i386 I have compiled and installed openssl from ports, so there are: a) /usr/bin/openssl (OpenSSL 1.0.2k-freebsd 26 Jan 2017) with /lib/libcrypto.so.8, /usr/lib/libssl.so.8 and b) /usr/local/bin/openssl (OpenSSL 1.0.2n 7 Dec 2017) with /usr/local/lib/libcrypto.so.9...

Hi, I'm new to FreeBSD and learning about geli encryption. I've setup a system using the FreeBSD 11.1 installer. The storage setup is 4x 6TB disks using zfs. Using the installer I chose a RAID 1+0 setup (using all four disks), with full-disk encryption. The installer created 2 zfs pools...