Re: entering geli passphrase only once at FreeBSD boot
- Reply: Taceant Omnes : "Re: entering geli passphrase only once at FreeBSD boot"
- Reply: Mehmet Erol Sanliturk : "Re: entering geli passphrase only once at FreeBSD boot"
- In reply to: Taceant Omnes : "entering geli passphrase only once at FreeBSD boot"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 09 Jan 2022 10:23:39 UTC
On Sun, 9 Jan 2022 10:00:51 +0000 Taceant Omnes <taceant@gmail.com> wrote: > Is there a way to enter the passphrase only once in FreeBSD that does > not involve storing it in a file? My solution was to log in after boot and run a script - less than elegant but possible to do remotely if I was away during a power outage (happened once). I've since given up on using encrypted drives, after a scare when one drive became inaccessible after an outage due to geli errors. Another option would be to run something in rc.local that disables getty on the console and uses /dev/ttyv0 directly which forces it to be done by someone with physical access. A very flashy (pun intended) option would be to put the key on a USB stick and do some devd magic to spot it and do the necessary before talking out of the speaker. -- Steve O'Hara-Smith <steve@sohara.org>