From owner-freebsd-questions@FreeBSD.ORG Mon Apr 11 02:47:34 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F3D2D106566B for ; Mon, 11 Apr 2011 02:47:33 +0000 (UTC) (envelope-from gilmordron@yahoo.com) Received: from nm8.bullet.mail.ac4.yahoo.com (nm8.bullet.mail.ac4.yahoo.com [98.139.52.205]) by mx1.freebsd.org (Postfix) with SMTP id 9A4A08FC1E for ; Mon, 11 Apr 2011 02:47:33 +0000 (UTC) Received: from [98.139.52.196] by nm8.bullet.mail.ac4.yahoo.com with NNFMP; 11 Apr 2011 02:34:43 -0000 Received: from [98.138.90.50] by tm9.bullet.mail.ac4.yahoo.com with NNFMP; 11 Apr 2011 02:34:43 -0000 Received: from [98.138.89.163] by tm3.bullet.mail.ne1.yahoo.com with NNFMP; 11 Apr 2011 02:34:43 -0000 Received: from [127.0.0.1] by omp1019.mail.ne1.yahoo.com with NNFMP; 11 Apr 2011 02:34:43 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 210042.63484.bm@omp1019.mail.ne1.yahoo.com Received: (qmail 91801 invoked by uid 60001); 11 Apr 2011 02:34:43 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1302489283; bh=qjrxO36uqKaiEIDFCbv+WbGVY2xtroU/C9j5tNamdck=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=zdt9OPtcK7+KNg3Vk7Zmf8ao3KLfOQZ+4mq/3JyNKHbW4WQ1DNFdYa6KReTt2eOC2K8AhyRG5hKlQoXIZXvUSFtjDuvGEZlpDeVKhv6PjHcgCJPYr+ICf8GbgbKHhm3vsrzLvhLLAJNaqqEn0aEPpMiRcQxAQNtH0liNOvKmsSw= DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=Hzmn9aUTf6LRSNfpC6TkWkXjw7FREHHTa3BL5qtHzMwjQhq/yhPzVV142lClkUq7idH0NQfWJ0YLDyjzhknHuwVewFkn2D0MEcZFprDUaC7GBaNro+v3wF9lT5jxPQLGxWig5q0KufBYGpyTgijGiA4kA6QvWGFuXu1cDSE03fw=; Message-ID: <113002.86184.qm@web121613.mail.ne1.yahoo.com> X-YMail-OSG: 8yrtC2cVM1k4DVhG958urCqIU9kMfpSccJptyqazSUue8dr 8jcE1oVaUlvbXQW8_hVfWabpnUG97j0jKuNwVqkxE2XtWaLCr1W2fKWyqU6G 8F4L2jvbE32RHPSiSov6U9nktAc1oNpwv4u2Z.k67BvYgrYaQAuvOwKp_emq Zw5rbPBNVM1goDLZUGxTq9h_tDQTjYCUXzsif85HmKnFHcDNLrGgoAzcMWIs O9nqHxgXNnLWa37.AhT9_3ScYFhVMf4qYlgcuYJc.rlvKPoYE6KjukdwVFYb gc91ssAdXtaIOiiZGfYd0BIzT22OyTrc1rV42cfHol_T3.vO_Cccu Received: from [68.196.8.50] by web121613.mail.ne1.yahoo.com via HTTP; Sun, 10 Apr 2011 19:34:42 PDT X-Mailer: YahooMailRC/559 YahooMailWebService/0.8.109.295617 Date: Sun, 10 Apr 2011 19:34:42 -0700 (PDT) From: Gil Mordron To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: full disk encryption with geli - where does the stuff in /boot/kernel X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Apr 2011 02:47:34 -0000 I am attempting to set up full disk encryption with GELI, booting from an unencrypted thumb drive, using the following PDF by Marc Schiesser as a guide: http://events.ccc.de/congress/2005/fahrplan/attachments/586-paper_Complete_Hard_Disk_Encryption.pdf In section 3.5.5, "The removable medium", it says to copy everything from the fixed disk's boot directory to the thumb drive, and then zip up various things from the removable disk's boot/kernel directory (the fixed disk is mounted as /fixed and the removable as /removable): # cp -Rpv /fixed/boot /removable # cd /removable/boot/kernel # gzip kernel geom_eli.ko acpi.ko My issue is that there is nothing in /removable/boot/kernel. Obviously whatever would be there would have come from the "cp -Rpv /fixed/boot /removable" line, so I checked in /fixed/boot/kernel, and there's nothing there either. Presumably whatever would be in /fixed/boot/kernel would have been placed there in the previous step, section 3.5.4, which includes: # mount /dev/ad0.elia /fixed # export DESTDIR=/fixed/ # cd /dist/6.0-RELEASE/base && ./install.sh That did create a bunch of stuff on /fixed, including /fixed/boot and even /fixed/boot/kernel, but it did not place any files in /fixed/boot/kernel. One difference that I should mention at this point is that I'm using 8.2, not 6.0, so I actually did a "cd /dist/8.2-RELEASE/base" instead of the "cd /dist/6.0-RELEASE/base" that the document suggests. Other than that, I think I did everything the same as it suggests. Is there a step missing in the document? Or did I screw something up? In any case, can I just copy the necessary files to /removable/boot/kernel from /dist/boot/kernel instead of from /fixed/boot/kernel? Or do I have to get them in some other way? And what files are needed? Obviously kernel, geom_eli.ko, and acpi.ko, and I believe that geom_eli.ko requires both zlib.ko and crypto.ko, but do I have to get any other files, too? Thanks in advance for any help.