From owner-freebsd-geom@FreeBSD.ORG  Sat Apr  8 10:39:53 2006
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
X-Original-To: freebsd-geom@freebsd.org
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1ACB516A400
	for <freebsd-geom@freebsd.org>; Sat,  8 Apr 2006 10:39:53 +0000 (UTC)
	(envelope-from pjd@garage.freebsd.pl)
Received: from mail.garage.freebsd.pl (arm132.internetdsl.tpnet.pl
	[83.17.198.132])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6A48343D45
	for <freebsd-geom@freebsd.org>; Sat,  8 Apr 2006 10:39:51 +0000 (GMT)
	(envelope-from pjd@garage.freebsd.pl)
Received: by mail.garage.freebsd.pl (Postfix, from userid 65534)
	id AC07051CCF; Sat,  8 Apr 2006 12:39:49 +0200 (CEST)
Received: from localhost (dlc17.neoplus.adsl.tpnet.pl [83.24.32.17])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.garage.freebsd.pl (Postfix) with ESMTP id 372755174E;
	Sat,  8 Apr 2006 12:39:42 +0200 (CEST)
Date: Sat, 8 Apr 2006 12:38:34 +0200
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Adam Wood <aswood@gmail.com>
Message-ID: <20060408103834.GA2135@garage.freebsd.pl>
References: <77518d100604071527o8a53760u3dce7b318655e7a9@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="fUYQa+Pmc3FrFX/N"
Content-Disposition: inline
In-Reply-To: <77518d100604071527o8a53760u3dce7b318655e7a9@mail.gmail.com>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 7.0-CURRENT i386
User-Agent: mutt-ng/devel-r535 (FreeBSD)
X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on 
	mail.garage.freebsd.pl
X-Spam-Level: 
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,RCVD_IN_NJABL_DUL,
	RCVD_IN_SORBS_DUL,RCVD_IN_SORBS_WEB autolearn=no version=3.0.4
Cc: freebsd-geom@freebsd.org
Subject: Re: geli not recognizing passphrase on boot (was: geli not
	prompting for password on boot)
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Apr 2006 10:39:53 -0000


--fUYQa+Pmc3FrFX/N
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Apr 07, 2006 at 05:27:38PM -0500, Adam Wood wrote:
+> Hello,
+>=20
+> I have tried a new method using the 6.1-BETA4 ISO images.
+> Unfortunately, I am still not getting it to work properly. I am,
+> however, making slight progress, as it does ask for a passphrase at
+> boot.
+>=20
+> It does not seem to recognize my passphrase, though.
+>=20
+> Here's what I've done:
+>=20
+> 1. Booted with 6.1-BETA4 disc 1.
+> 2. Launched Fixit with livefilesystem on CD.
+> 3. Created symlink /dist/lib to /lib (ln -s /dist/lib /lib) and
+> /dist/boot/kernel to /boot/kernel (ln -s /dist/boot/kernel
+> /boot/kernel).
+> 4. Loaded the geom_eli module (kldload geom_eli).
+> 5. Initiated the geli device (geli init -b -s 4096 -l 256 /dev/ad0).
+> 6. Attached the new geli device (geli attach /dev/ad0 -- works!).
+> 7. Created bsdlabel on new, encrypted disk (bsdlabel -w /dev/ad0).

You should bsdlabel -w /dev/ad0.eli.

+> 15. Edited boot/loader.conf and added geom_eli_load=3D"YES" and
+> kern.geom.eli.debug=3D1.

Please add kern.geom.eli.visible_passphrase=3D1 to the loader.conf as
well.

+> 16. Ran mkisofs -b boot/bootcd -t /tmp/bootcd.iso /newdirectory_containi=
ngdirs.
+> 17. Burned /tmp/bootcd.iso.
+> 18. Rebooted with the new CD as boot device.
+>=20
+> It prompts me for the passphrase for ad0, but when I supply it I just ge=
t:
+>=20
+> GEOM_ELI[0]: Wrong key for ad0. Tries left: 2.
+>=20
+> I know I'm typing it correctly, and if I boot back into the install
+> disc I can attach just fine. Can you think of anything that would be
+> causing this? Does the boot media need /lib? I don't think it does,
+> but perhaps I'm wrong.

It doesn't. Try to enable visible_passphrase tunable and see if it gets
the passphrase you type.

--=20
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

--fUYQa+Pmc3FrFX/N
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFEN5KqForvXbEpPzQRAnAIAKCUXv/FGVHtOOMTalismDS722CX+QCgkz2z
dhtLYmAdB+h2p8JuF/8JXKU=
=Byeh
-----END PGP SIGNATURE-----

--fUYQa+Pmc3FrFX/N--