From owner-freebsd-questions@FreeBSD.ORG Thu Nov 8 11:27:19 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 77CDE1D6 for ; Thu, 8 Nov 2012 11:27:19 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay05.ispgateway.de (smtprelay05.ispgateway.de [80.67.31.93]) by mx1.freebsd.org (Postfix) with ESMTP id 0292D8FC0A for ; Thu, 8 Nov 2012 11:27:18 +0000 (UTC) Received: from [87.79.197.100] (helo=fabiankeil.de) by smtprelay05.ispgateway.de with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1TWQFO-0001o5-Le; Thu, 08 Nov 2012 12:26:10 +0100 Date: Thu, 8 Nov 2012 12:25:15 +0100 From: Fabian Keil To: Mike Barnard Subject: Re: GELI Swap password on boot Message-ID: <20121108122515.089a7fe8@fabiankeil.de> In-Reply-To: References: Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/2ue+V7m79US++hZ_VMj2MuH"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Nov 2012 11:27:19 -0000 --Sig_/2ue+V7m79US++hZ_VMj2MuH Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Mike Barnard wrote: > On 8 November 2012 03:30, Michael Sierchio wrote: >=20 > > On Wed, Nov 7, 2012 at 4:20 PM, Mike Barnard > > wrote: > > > Hi, > > > > > > I am running FreeBSD 9.0-RELEASE and I am experiencing some strange > > > behaviour with GELI. > > > > > > Every time I boot up my computer, I get a request to enter the Encryp= tion > > > password for swap. swap is not encrypted and should not be asking for= an > > > encryption password. > > > > > > I have checked and ensured that there are no providers for geli for t= he > > > ada0p3 partition. Any one have pointers on what I could check for to > > > rectify this. > > > > in /etc/fstab you should have: > > > > /dev/ada0p3.eli none swap sw > > 0 0 > > > > in /etc/rc.conf you should have (something like): > > > > geli_swap_flags=3D"-e aes -l 256 -s 4096 -d" > > > > /etc/rc.d/encswap will generate a random password > > >=20 > I added that when I booted and was prompted again for a password. What > puzzles me is that this device is not encrypted. Why is it asking me for a > password? So I encrypted it and added what you have suggested and it still > asks me for a password. Maybe the device contains old geli meta data with the boot flag set, or garbage that looks like geli meta data. Try to "geli clear" the device and if it fails "geli init" + "geli clear". Fabian --Sig_/2ue+V7m79US++hZ_VMj2MuH Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlCblqAACgkQBYqIVf93VJ1JMgCdFKZGXM62Dz9Ba26izlYDtK0F QNMAoMWTnip8c5VH4tamGHdlIwKDYpvT =u4s6 -----END PGP SIGNATURE----- --Sig_/2ue+V7m79US++hZ_VMj2MuH--