Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2007 15:55:14 -0500
From:      Reid Linnemann <lreid@cs.okstate.edu>
To:        Rolf G Nielsen <lazlar@lazlarlyricon.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ELI passphrase on boot with USB keyboard
Message-ID:  <46AA5BB2.2010406@cs.okstate.edu>
In-Reply-To: <46AA5A62.1090309@cs.okstate.edu>
References:  <46AA53CA.3090309@lazlarlyricon.com> <46AA5A62.1090309@cs.okstate.edu>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Written by Reid Linnemann on 07/27/07 15:49>>
> Written by Rolf G Nielsen on 07/27/07 15:21>>
>> Hi,
>>
>> I recently purchased a new USB keyboard, since my old PS/2 one has 
>> seen its best days. This has caused me annoying problems with my ELI 
>> disks, though.
>>
>> I have four SATA harddrives, all of which are encrypted using ELI 
>> encryption. I've encrypted the raw disks, ad0, ad1, ad2 and ad3. The 
>> resulting devices ad0.eli, ad1.eli, ad2.eli and ad3.eli, I've 
>> concatenated into a large device, cc0, on which I have several 
>> partitions. To get this working, I of course need to boot from a 
>> separate device, and for that I use an SD card, which holds a boot 
>> directory. With my old PS/2 keyboard, this worked like a charm, but it 
>> seems to me, the ukbd driver isnt activated until after the ELI 
>> encryption, which means I'm unable to enter the passphrases for the 
>> disks, thus I can't get the computer passed the first passphrase prompt.
>>
>> Currently I have both the old keyboard and the new USB one connected. 
>> I use the PS/2 one to enter the passphrases, then I put it on the 
>> floor under my desk and use the USB keyboard. As you may very well 
>> understand, this is quite annoying. Is there a way to get the USB 
>> keyboard to work at the point where I enter the passphrases?
>>
>> I've tried to change the keys for the disks to not use a passphrase, 
>> but only keyfiles and load them from loader.conf, just as described in 
>> the GELI man page (yes I did set the -P option), but that simply will 
>> not work (and to be honest, it's not a solution I'd favour); if I set 
>> the -b option (ask for passphrase on boot), it still asks for the 
>> passphrase, though there is none, and if I set the -B option (don't 
>> ask for passphrase on boot), the computer ends up at the "mountroot>" 
>> prompt.
>>
>> I'd appreciate any help.
>>
>> Sincerly,
>>
>> Rolf Nielsen
>>
> 
> Try setting hints.atkbd0.disabled to 1 in the loader, or in the 
> device.hints file. Your usb keyboard may work in early stages with that 
> device hint.

Erm, set the hint in the loader _first_, and then only put it in 
device.hints if it works!



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?46AA5BB2.2010406>