Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2007 23:37:35 +0200
From:      Rolf G Nielsen <>
Subject:   Re: ELI passphrase on boot with USB keyboard
Message-ID:  <>
In-Reply-To: <>
References:  <>	<> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
This is a multi-part message in MIME format.
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Reid Linnemann wrote:
> Written by Reid Linnemann on 07/27/07 15:49>>
>> Written by Rolf G Nielsen on 07/27/07 15:21>>
>>> Hi,
>>> I recently purchased a new USB keyboard, since my old PS/2 one has=20
>>> seen its best days. This has caused me annoying problems with my ELI =

>>> disks, though.
>>> I have four SATA harddrives, all of which are encrypted using ELI=20
>>> encryption. I've encrypted the raw disks, ad0, ad1, ad2 and ad3. The =

>>> resulting devices ad0.eli, ad1.eli, ad2.eli and ad3.eli, I've=20
>>> concatenated into a large device, cc0, on which I have several=20
>>> partitions. To get this working, I of course need to boot from a=20
>>> separate device, and for that I use an SD card, which holds a boot=20
>>> directory. With my old PS/2 keyboard, this worked like a charm, but=20
>>> it seems to me, the ukbd driver isnt activated until after the ELI=20
>>> encryption, which means I'm unable to enter the passphrases for the=20
>>> disks, thus I can't get the computer passed the first passphrase prom=
>>> Currently I have both the old keyboard and the new USB one connected.=
>>> I use the PS/2 one to enter the passphrases, then I put it on the=20
>>> floor under my desk and use the USB keyboard. As you may very well=20
>>> understand, this is quite annoying. Is there a way to get the USB=20
>>> keyboard to work at the point where I enter the passphrases?
>>> I've tried to change the keys for the disks to not use a passphrase, =

>>> but only keyfiles and load them from loader.conf, just as described=20
>>> in the GELI man page (yes I did set the -P option), but that simply=20
>>> will not work (and to be honest, it's not a solution I'd favour); if =

>>> I set the -b option (ask for passphrase on boot), it still asks for=20
>>> the passphrase, though there is none, and if I set the -B option=20
>>> (don't ask for passphrase on boot), the computer ends up at the=20
>>> "mountroot>" prompt.
>>> I'd appreciate any help.
>>> Sincerly,
>>> Rolf Nielsen
>> Try setting hints.atkbd0.disabled to 1 in the loader, or in the=20
>> device.hints file. Your usb keyboard may work in early stages with=20
>> that device hint.
> Erm, set the hint in the loader _first_, and then only put it in=20
> device.hints if it works!
> _______________________________________________
> mailing list
> To unsubscribe, send any mail to=20
> ""
Moreover, the usb keyboard works upto and including the boot menu (I=20
guess the hardware is strictly under BIOS control then, and the kernel=20
doesnt really know if the keboard is usb or ps/2). Then, as soon as the=20
kernel starts probing devices, it stops working. It comes back when=20
daemons have been started. Does usbd have to be running for a usb=20
keyboard to work? If so, could it be worked around?


V=C3=A4nligen / Sincerly,
Rolf Nielsen


Want to link to this message? Use this URL: <>