On Mon, Oct 06, 2014 at 13:59:12 -0700, Daniel wrote:> My problem stems from not being able to use my keyboard during the geli
> password prompt for the encrypted root drive.
>
> This is not a new issue:
>
>
> - https://forums.freebsd.org/viewtopic.php?f=4&t=40965
> -
>
https://docs.freebsd.org/cgi/getmsg.cgi?fetch=11610+0+current/freebsd-questions
> - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=131415
>
>
> Both people who have had the problem aside from me mention that the issue
> did not exist pre FreeBSD-9.1
>
> At this time I'm wondering what I should do. I really would like to
have my
> root encrypted. The actual bug hasn't moved for quite some time. Should
I
> open up a new one?
>
> Since my motherboard does not have non-USB keyboard options, I'm not
able
> of encryption on root.
>
> Does anyone have ideas? suggestions? I have tried waiting and then type,
> but nothing has helped. How can I move this forward?
>
> Motherboard: http://www.amazon.com/gp/product/B00FM4M7TQ
I have a Supermicro X10SAE, also using GELI-encrypted root ZFS.
I have found that, comical as it may seem, mashing the keyboard
during the system's initial device probing allows me to hit enter
at the password prompt (which gets printed in between some of the
USB device probes) and then enter the password properly. I'm
running on:
FreeBSD behemoth 10.1-RC1 FreeBSD 10.1-RC1 #0 r272473: Fri Oct 3 14:56:28 UTC
2014 root at behemoth:/usr/obj/usr/src/sys/GENERIC amd64
Here's my /boot/loader.conf:
geli_ada0p4_keyfile0_load="YES"
geli_ada0p4_keyfile0_type="ada0p4:geli_keyfile0"
geli_ada0p4_keyfile0_name="/boot/encryption.key"
geli_ada2p4_keyfile0_load="YES"
geli_ada2p4_keyfile0_type="ada2p4:geli_keyfile0"
geli_ada2p4_keyfile0_name="/boot/encryption.key"
aesni_load="YES"
geom_eli_load="YES"
vfs.root.mountfrom="zfs:rpool/ROOT/default"
zfs_load="YES"
zpool_cache_load="YES"
zpool_cache_type="/boot/zfs/zpool.cache"
zpool_cache_name="/boot/zfs/zpool.cache"
So, it "works" for me, but I need to be attentive during boot
or I see the same problems that you do.
--
Chris Nehren
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 904 bytes
Desc: not available
URL:
<http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20141006/bf2637c9/attachment.sig>