From owner-freebsd-questions@FreeBSD.ORG Fri Jul 27 20:55:16 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6130116A417 for ; Fri, 27 Jul 2007 20:55:16 +0000 (UTC) (envelope-from lreid@cs.okstate.edu) Received: from a.cs.okstate.edu (a.cs.okstate.edu [139.78.113.1]) by mx1.freebsd.org (Postfix) with ESMTP id 36F2413C46B for ; Fri, 27 Jul 2007 20:55:16 +0000 (UTC) (envelope-from lreid@cs.okstate.edu) Received: from [172.18.0.137] (sky_cpfw-1.tulsatech.org [70.168.226.130]) by a.cs.okstate.edu (Postfix) with ESMTP id 9DA06A0837; Fri, 27 Jul 2007 15:55:15 -0500 (CDT) Message-ID: <46AA5BB2.2010406@cs.okstate.edu> Date: Fri, 27 Jul 2007 15:55:14 -0500 From: Reid Linnemann User-Agent: Thunderbird 2.0.0.0 (X11/20070615) MIME-Version: 1.0 To: Rolf G Nielsen References: <46AA53CA.3090309@lazlarlyricon.com> <46AA5A62.1090309@cs.okstate.edu> In-Reply-To: <46AA5A62.1090309@cs.okstate.edu> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: ELI passphrase on boot with USB keyboard X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2007 20:55:16 -0000 Written by Reid Linnemann on 07/27/07 15:49>> > Written by Rolf G Nielsen on 07/27/07 15:21>> >> Hi, >> >> I recently purchased a new USB keyboard, since my old PS/2 one has >> seen its best days. This has caused me annoying problems with my ELI >> disks, though. >> >> I have four SATA harddrives, all of which are encrypted using ELI >> encryption. I've encrypted the raw disks, ad0, ad1, ad2 and ad3. The >> resulting devices ad0.eli, ad1.eli, ad2.eli and ad3.eli, I've >> concatenated into a large device, cc0, on which I have several >> partitions. To get this working, I of course need to boot from a >> separate device, and for that I use an SD card, which holds a boot >> directory. With my old PS/2 keyboard, this worked like a charm, but it >> seems to me, the ukbd driver isnt activated until after the ELI >> encryption, which means I'm unable to enter the passphrases for the >> disks, thus I can't get the computer passed the first passphrase prompt. >> >> Currently I have both the old keyboard and the new USB one connected. >> I use the PS/2 one to enter the passphrases, then I put it on the >> floor under my desk and use the USB keyboard. As you may very well >> understand, this is quite annoying. Is there a way to get the USB >> keyboard to work at the point where I enter the passphrases? >> >> I've tried to change the keys for the disks to not use a passphrase, >> but only keyfiles and load them from loader.conf, just as described in >> the GELI man page (yes I did set the -P option), but that simply will >> not work (and to be honest, it's not a solution I'd favour); if I set >> the -b option (ask for passphrase on boot), it still asks for the >> passphrase, though there is none, and if I set the -B option (don't >> ask for passphrase on boot), the computer ends up at the "mountroot>" >> prompt. >> >> I'd appreciate any help. >> >> Sincerly, >> >> Rolf Nielsen >> > > Try setting hints.atkbd0.disabled to 1 in the loader, or in the > device.hints file. Your usb keyboard may work in early stages with that > device hint. Erm, set the hint in the loader _first_, and then only put it in device.hints if it works!