geli

  1. JohnnySorocil

    FreeBSD encrypted ZFS without boot partition

    Hi I am trying to install FreeBSD 11.0-RELEASE on the GELI encrypted ZFS pool without /boot on a separate unencrypted partition. I tried this on real hardware (ThinkPad T420s laptop) and under VirtualBox (both with UEFI) without luck. These are the steps which I tried: # boot FreeBSD...
  2. vojtaz

    UFS After GELI restore metadata can't fsck or mount

    Hi guys, I've recently moved my system to new box. At first boot up I got an error with attaching my encrypted disks (GELI) saying there's a problem with metadata. So I've restored it with my backup file with geli restore. Attaching is no longer an issue now I can't mount it or even fsck. When...
  3. M

    Startup hosting and sleeping well (encryption)

    I’ve never been in a server room from which I could not steal a random hard drive without getting caught, if I wanted. I have been in server hosting companies’ rooms in more than one countries. Should I find one that employs guards with machine guns, still there is a point from which it isn’t...
  4. A

    Geli with asynchronous chained crypto operations

    Hello, I am writing a driver for PCI crypto card. The driver supports both synch and asynch mode. Problem is when offloading auth+cipher(chained) operations to hardware with geli when driver is in asynch mode. Either writes or reads are always going bad. newfs throws the error "newfs: can't...
  5. L

    Solved geli passphrase asked twice: on boot and afterwards

    Hi, Previously, I only had these two lines in /etc/rc.conf: geli_devices="ada2p1" geli_ada2p1_flags=" -k /root/geli.key" But due to other options, I want the passphrase to be asked during the initial phase of the boot process. So, what I did according to what I've read was to add these lines...
  6. sku1d

    Solved Question about disk encryption: Why the master key always gets stored on the encrypted disk?

    I have read a lot about gbde, geli and dm-crypt under linux, but a question remains: Why would iI store my master key on the disk? Seriously! Anybody could rip the metadata off the disk in no time and brute force the password in a cluster without even having additional encrypted sample data...
  7. E

    Solved loader.conf options in my kernel

    Hi, guys! I have question. I've FreeBSD 10.2 installed on my server. I've added GELI support in kernel. Now, I want to added load options for GELI in kernel : geli_<device_name>_<name_key>_name geli_<device_name>_<name_key>_type geli_<device_name>_<name_key>_load Is it possible to do it...
  8. aorchid

    Other geli and external firewire drive boot question

    Hello, I have multiple internal drives that are encrypted with geli via a password only. I am running 10.1 presently, and upon reboot I am asked for a password to decrypt the drives and continue the boot process. I do not have anything in /boot/loader.conf about them, other than instructing it...
Top