From owner-freebsd-questions@freebsd.org Mon Jan 23 21:49:23 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4B5FCCBD7DF; Mon, 23 Jan 2017 21:49:23 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.net (24-240-198-187.static.stls.mo.charter.com [24.240.198.187]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "www.dweimer.net", Issuer "Go Daddy Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1F51210F; Mon, 23 Jan 2017 21:49:22 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from www.dweimer.net (localhost [10.9.5.2]) by webmail.dweimer.net (8.15.2/8.15.2) with ESMTP id v0NLnEX2011064; Mon, 23 Jan 2017 15:49:14 -0600 (CST) (envelope-from dweimer@dweimer.net) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Mon, 23 Jan 2017 15:49:14 -0600 From: "Dean E. Weimer" To: Erwan David Cc: freebsd-questions@freebsd.org, owner-freebsd-questions@freebsd.org Subject: Re: Not mounting a zpool at boot Organization: dweimer.net Reply-To: dweimer@dweimer.net Mail-Reply-To: dweimer@dweimer.net In-Reply-To: <7b235b14-4547-299e-0943-02037ab28630@rail.eu.org> References: <911a347a-a94c-717b-0d6c-eb9fd665e489@rail.eu.org> <7b235b14-4547-299e-0943-02037ab28630@rail.eu.org> Message-ID: <687791b8fb5fbe3e3da20a2e1b4e5a88@dweimer.net> X-Sender: dweimer@dweimer.net User-Agent: Roundcube Webmail/1.3-beta X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Jan 2017 21:49:23 -0000 On 2017-01-23 3:23 pm, Erwan David wrote: > Le 01/23/2017 à 22:20, Erwan David a écrit : >> Hi, >> >> I have a machine (11-RELEASE) with 2 pools, one encrypted with the > > UNencrypted > >> system and one encrypted with data. I want to boot without having to >> enter passphrase then ssh to the machine to import the encrypted pool. >> >> I put geli_devices="" in /etc/rc.conf in order to prevent the >> passphrase >> question, but to no avail, system still asks it. How can I boot >> without >> importing the encrypted pool, nor giving the passphrase (US keyboard >> is >> unsuitable for this). >> Do you have geom_eli_load="YES" set in your /boot/loader.conf? If you don't want to load the GELI volumes I think you can simply remove that. Once you login and issue the geli attach command it should auto load the kernel modules. I have a SATA drive in a hot swapable bay encrypted with GELI for my backups. I have no problems with the system booting and not prompting for password. Then once its booted I login and attach the geli volume so that backups can run. Without the GELI modules loaded at boot time it shouldn't be able to determine that there are encrypted volumes and just ignore them at boot time. -- Thanks, Dean E. Weimer http://www.dweimer.net/