Date: Sun, 8 Apr 2007 13:27:31 +0100 From: RW <fbsd06@mlists.homeunix.com> To: freebsd-geom@freebsd.org Subject: Re: Geli Encrypted DVDs Message-ID: <20070408132731.442d1d39@gumby.homeunix.com> In-Reply-To: <20070408023450.GV63916@garage.freebsd.pl> References: <20070408005942.48c10ea8@gumby.homeunix.com> <20070408003233.GT63916@garage.freebsd.pl> <20070408033114.128f7da8@gumby.homeunix.com> <20070408023450.GV63916@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 8 Apr 2007 04:34:50 +0200 Pawel Jakub Dawidek <pjd@FreeBSD.org> wrote: > On Sun, Apr 08, 2007 at 03:31:14AM +0100, RW wrote: > > On Sun, 8 Apr 2007 02:32:33 +0200 > > Pawel Jakub Dawidek <pjd@FreeBSD.org> wrote: > > > > > On Sun, Apr 08, 2007 at 12:59:42AM +0100, RW wrote: > > > > > > > > In the questions list Roland Smith suggested that a geli > > > > encrypted dvd could be created by burning the backing file from > > > > an geli encrypted md device as a disk image. > > > > > > > > We were neither able to attach the DVD device though, see: > > > > > > > > http://lists.freebsd.org/pipermail/freebsd-questions/2007-March/145433.html > > > > > > > > Does anyone know if this can be made to work? > > > > > > > > FWIW I have no problem putting a UFS2 filesystem on a DVD-R > > > > without geli. > > > > > > Could you give me the output of: > > > > > > # ls -l $HOME/backupDVD.img > > > # diskinfo -v /dev/acd0 > > > # geli dump /dev/acd0 > > > > > > > > > # ls -l /home/t/dvd.img > > -rw-r--r-- 1 bob bob 4613734400 Mar 21 13:15 /home/t/dvd.img > > > > # diskinfo -v /dev/acd0 > > /dev/acd0 > > 2048 # sectorsize > > 4613734400 # mediasize in bytes (4.3G) > > 2252800 # mediasize in sectors > > > > # geli dump /dev/acd0 > > Cannot read metadata from /dev/acd0: Invalid argument. > > Not fully done. > > > > ------------------------------------------------- > > > > If I run the last command on the image file's md device instead: > > > > # geli dump /dev/md0 > > Metadata on /dev/md0: > > magic: GEOM::ELI > > version: 3 > > flags: 0x0 > > ealgo: AES-CBC > > keylen: 256 > > provsize: 4613734400 > > sectorsize: 512 > > The problem is different size between CD and your image. Try to create > image with -S 2048 option. > Thanks, that worked. For the benefit of anyone trying this, the -S 2048 option is to mdconfig. If you just use geli init -s 2048 without setting the sector size in mdconfig, the dvd device fails to attach. mdconfig(8) is a bit misleading when it defines: "-S sectorsize Sectorsize to use for malloc backed device."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070408132731.442d1d39>