Date: Wed, 11 Feb 2015 09:04:05 -0500 From: Brenden Bartelt <brenden.bartelt@gmail.com> To: freebsd-arm@freebsd.org Subject: "geli: Wrong key" unable to attach in RPi/ARM environment Message-ID: <CANUxo4omL1m0EkSnmad8qyZqRWbuZ5zJ29nzCA0%2BgSyCAyU9dw@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi all,
This a follow up to a previous thread in freebsd-geom where it was
determined that geli is functional in 11.0-CURRENT and it could be an ARM
problem.
I have been unable to geli attach in RPi, even with a very simple
passphrase ("test"). Has anyone had success with this? I have tried on an
external usb, da0 as well as a partition on the SD card itself, mmcsd0s3.
The geli init appears to work, and a geli dump reveals that a master key
was indeed written to the device. What is even more puzzling is that a geli
onetime will work for the device, so it would appear that geli is
functional, but something has gone wrong with the master key
generating/writing/reading operation.
Can anyone shed some light on something I am missing? Is geli not fully
supported on ARM?
Thanks,
Brenden
Log:
# uname -a
FreeBSD raspberry-pi 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r278031: Mon Feb
2 02:54:08 UTC 2015
root@releng2.nyi.freebsd.org:/usr/obj/arm.armv6/usr/src/sys/RPI-B
arm
# kldstat
Id Refs Address Size Name
8 1 0xc5657000 17000 geom_eli.ko
9 1 0xc572e000 2c000 crypto.ko
# geli init mmcsd0s3
Enter new passphrase:
Reenter new passphrase:
Metadata backup can be found in /var/backups/mmcsd0s3.eli and
can be restored with the following command:
# geli restore /var/backups/mmcsd0s3.eli mmcsd0s3
# geli attach mmcsd0s3
Enter passphrase:
geli: Wrong key for mmcsd0s3.
# geli dump mmcsd0s3
Metadata on mmcsd0s3:
magic: GEOM::ELI
version: 7
flags: 0x0
ealgo: AES-XTS
keylen: 128
provsize: 24796725248
sectorsize: 512
keys: 0x01
iterations: 21660
Salt:
d2678fa977889263b18cbbb2e5a3151ac8185d9d0bc5dafa548abc4510ca49ce134ef9410cc=
63a9b0881514d9e9fedb6a3d392ba4096775030d0646fbfb4cce5
Master Key:
4c26413b864d809b7e537e13ad442d22eada3a12ef61cd538f3a2bc9fd3a1dbbe80e19d6a00=
9c51784461380ff150602c31c4910ad63aa52d105fc93b2005f18cd0b187e0e56b44eabc978=
4a6255e696a9c398653e4ec669cae64961bd7b43d9af01fa0897f84fef1608c632bbb881d41=
8bdf81e637afff4191ceda6ec829f33c93a0cb5ead63ee63e4c4ccc3ee0b076e6f86b05d514=
c8b006bf8a11e3f78ac658e56bd824d6958747f09f3c8e80861d2f19eed3f334bbcc83aa28a=
227239c4bd9c4390a9e1acb5aefed4ef4602432359271217bfb9676eb753930f5c9c45899b0=
f44bdd230517d3238fc9ab9763b2def43658f44fc76094ccb4af54c7c492a790eca0b407adf=
66fccf2f3b049c874b66d4bbccd4e82fe8a2e79985ae5e1d64affed7ac66808a2bbd9d661b4=
60c2b9acc1bac5a537bc7d862c711c9ca4892fcf3e607b6ee255555b742352483b7ffda8054=
5bd3774f90ff0e74db58ef87c6c050501c0643c3921345df6e6d7a296c7c535ec81468a8a73=
9824673303664a8874
MD5 hash: f97f3ca1cf95c25144c84a12b10d81ef
# geli onetime mmcsd0s3
# geli list
Geom name: mmcsd0s3.eli
State: ACTIVE
EncryptionAlgorithm: AES-XTS
KeyLength: 128
Crypto: software
Version: 7
Flags: ONETIME
KeysAllocated: 47
KeysTotal: 47
Providers:
1. Name: mmcsd0s3.eli
Mediasize: 24796725248 (23G)
Sectorsize: 512
Mode: r0w0e0
Consumers:
1. Name: mmcsd0s3
Mediasize: 24796725248 (23G)
Sectorsize: 512
Stripesize: 4194304
Stripeoffset: 0
Mode: r1w1e1
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CANUxo4omL1m0EkSnmad8qyZqRWbuZ5zJ29nzCA0%2BgSyCAyU9dw>