From owner-freebsd-questions@FreeBSD.ORG Thu Feb 19 19:00:08 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A5B1616A4CE for ; Thu, 19 Feb 2004 19:00:08 -0800 (PST) Received: from cpanel10.gzo.com (69-56-171-54.theplanet.com [69.56.171.54]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86ED643D1D for ; Thu, 19 Feb 2004 19:00:08 -0800 (PST) (envelope-from dany_list@natzo.com) Received: from pcp04633543pcs.gambrl01.md.comcast.net ([68.49.69.186] helo=natzo.com) by cpanel10.gzo.com with asmtp (TLSv1:RC4-MD5:128) (Exim 4.24) id 1Au0tP-0000IZ-LT for freebsd-questions@freebsd.org; Thu, 19 Feb 2004 20:59:55 -0600 Message-ID: <40357857.1040705@natzo.com> Date: Thu, 19 Feb 2004 22:00:39 -0500 From: Dany Nativel User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <40314E16.3040909@natzo.com> In-Reply-To: <40314E16.3040909@natzo.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cpanel10.gzo.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - natzo.com Subject: Re: GBDE - Destroy command not working X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Feb 2004 03:00:09 -0000 It didn't work but after several other attempts. I've been able to run it using a specific combination. So to summarize, in my case, I can only run "destroy" : - using external lock files (-l parameter mandatory) - with the current key only (no -n -1 parameter to say destroy them all) - using /dev/xxx (xxx only doesn't work) First, what's not working : --> Without detached lockfile # kldload geom_bde # gbde init /dev/da0 -i # gbde attach da0 # gbde detach da0 # gbde destroy da0 Enter passphrase: gbde: read: Inappropriate ioctl for device and also # gbde destroy /dev/da0 Enter passphrase: gbde: No -L option and no space in sector 0 for lockfile --> With detached lockfile # gbde destroy da0 -l /etc/mykey Enter passphrase: gbde: Error 22 decrypting lock and then # gbde destroy /dev/da0 -l /etc/mykey Enter passphrase: Wrote key 0 at 5371894 And it worked for the current key. I also tried to use the -n x, --n x parameter (with x= -1, 1) but it never worked! At one point I even received a Fatal trap 12: page fault while in kernel mode (many of them in fact) Dany Nativel wrote: > I've been playing around with GBDE under 5.2RC2-1. It's a fantastic > encrypted FS. > Following the man page, I've tried to use the destroy command but > without success. > > Here is what I did to create the encrypted FS (for this test I didn't > use the /dev/random to fill-up the disc). > > # kldload geom_bde > # gbde init /dev/da0 -i > # gbde setkey /dev/da0 -n 2 > # gbde attach /dev/da0 # newfs /dev/da0.bde > # mount /dev/da0.bde /mnt/usbkey > --> use the FS, works fine > # umount /mnt/usbkey > # gbde detach da0 > > Then according to the man page I should use : > #gbde destroy da0 -n -1 to purge all keys but I get : > gbde: illegal option -- n > > so I changed to : > #gbde destroy da0 --n -1 and got : > gbde: read: Innapropriate ioctl for device > > so I changed to : > #gbde destroy /dev/da0 --n -1 and this time I get the password prompt > but it fails to destroy anything : > Enter passphrase: > Opened with key 0 > gbde: No -L option and no space in sector 0 for lockfile > > Maybe I didn't understand the purpose of the this command. I thought > it was going to replace each lock key with some random data. > Can somebody explain me how to use the "destroy" command ? > > Thanks > Dany > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org"