hey,
I set this up last week it seems to work but whether it's actually a good idea or not ... in particular I wonder if I should have disabled the cache on the nested zpool rather than the parent zvol, and whether I actually need to unmount the nested zpool to snapshot and sync. It would be...
Nutshell: Do I only need the *.eli files from /var/backups if the drive metadata has become mangled? That is, an undamaged geli-encrypted device shouldn't need its backup .eli file, yes?
I recently managed to bork my system (only gets ~18 process IDs into boot before it segfaults attempting to...
I have a zfs pool encrypted with geli. After a clean system boot, I mount the geli devices, then do zfs status tank so the pool is discovered. The system panics. I found and old thread documenting a similar issue (involving SSDs and GELI), but it still seems to be happening. Here's my stack...
Hi
I am trying to install FreeBSD 11.0-RELEASE on the GELI encrypted ZFS pool without /boot on a separate unencrypted partition.
I tried this on real hardware (ThinkPad T420s laptop) and under VirtualBox (both with UEFI) without luck.
These are the steps which I tried:
# boot FreeBSD...
Hi guys,
I've recently moved my system to new box. At first boot up I got an error with attaching my encrypted disks (GELI) saying there's a problem with metadata. So I've restored it with my backup file with geli restore. Attaching is no longer an issue now I can't mount it or even fsck.
When...
I’ve never been in a server room from which I could not steal a random hard drive without getting caught, if I wanted. I have been in server hosting companies’ rooms in more than one countries.
Should I find one that employs guards with machine guns, still there is a point from which it isn’t...
Hello,
I am writing a driver for PCI crypto card. The driver supports both synch and asynch mode.
Problem is when offloading auth+cipher(chained) operations to hardware with geli when driver is in asynch mode. Either writes or reads are always going bad.
newfs throws the error "newfs: can't...
Hi,
Previously, I only had these two lines in /etc/rc.conf:
geli_devices="ada2p1"
geli_ada2p1_flags=" -k /root/geli.key"
But due to other options, I want the passphrase to be asked during the initial phase of the boot process. So, what I did according to what I've read was to add these lines...
I have read a lot about gbde, geli and dm-crypt under linux, but a question remains: Why would iI store my master key on the disk? Seriously! Anybody could rip the metadata off the disk in no time and brute force the password in a cluster without even having additional encrypted sample data...
Hi, guys!
I have question.
I've FreeBSD 10.2 installed on my server.
I've added GELI support in kernel.
Now, I want to added load options for GELI in kernel :
geli_<device_name>_<name_key>_name
geli_<device_name>_<name_key>_type
geli_<device_name>_<name_key>_load
Is it possible to do it...
Hello,
I have multiple internal drives that are encrypted with geli via a password only. I am running 10.1 presently, and upon reboot I am asked for a password to decrypt the drives and continue the boot process. I do not have anything in /boot/loader.conf about them, other than instructing it...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.