"geli init -a hmac/sha256" does not work properly
Cem Kayali
cemkayali at eticaret.com.tr
Fri Sep 5 20:40:17 UTC 2008
Hello all there!...
Once i would like to enable disk encryption with geli approcah, i
noticed following problem:
CASE 1 | SUCCES
-----------------------------------------------------------------------------------------------
geli init -b -e aes -l 256 -s 4096 /dev/ad4s1
This initializes geli without problem, and then once you run 'bsdlabel
-w /dev/ad4s1' it goes as expected.
CASE 2 | FAIL
-----------------------------------------------------------------------------------------------
geli init -b -e aes -l 256 -s 8192 /dev/ad4s1
This initializes geli with a warning message 'sector size is bigger than
the page size' and also 'bsdlabel -w /dev/ad4s1' fails with following
notice: 'bsdlabel: /dev/ad4s1 read: invalid argument'
CASE 3 | FAIL
-----------------------------------------------------------------------------------------------
geli init -b -e aes -l 256 -s 4096 -a hmac/sha256 /dev/ad4s1
This initializes geli with a warning message 'sector size is bigger than
the page size' and also 'bsdlabel -w /dev/ad4s1' fails with following
notice: 'bsdlabel: /dev/ad4s1 read: invalid argument'
In short, if i enable 'data integrity verification' or if i increase
'sector size', 'bsdlabel -w' gives error message.
I thank you in advance for advises.
Regards,
Cem
More information about the freebsd-questions
mailing list