disk encryption with geli
Bill Moran
wmoran at potentialtech.com
Fri Jul 24 15:38:26 UTC 2009
In response to Stefan Miklosovic <miklosovic.freebsd at gmail.com>:
> hi all
>
> i am going to encrypt my /home directory
> which is mounted in /etc/fstab like
>
> /dev/ad0s2f /home ufs rw,noatime
> 2 2
>
> I did like is wrote in
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html
> everything looks good. ad0s2f.eli appears in /dev and so on. I can mount it,
> umount and so.
>
> but after reboot, I am dropped to single user mode because of en error
> message which says that
> there is an inconsistency at /dev/ad0s2f
>
> do i have to encrypt whole ad0 or it is possible to encrypt only my /home?
You can do what you're attempting, I'm doing it in several places without
problem.
I suspect that you have the startup config wrong in /etc/rc.conf or in
/etc/fstab. Make sure you're mounting the encrypted partition in
/etc/fstab (i.e. /dev/ad0s2f.eli and not /dev/ad0s2f) and make sure
you have all the geli startup config in /etc/rc.conf per the document
you referenced.
If that's not enough to help you, please provide your /etc/rc.conf, and
/etc/fstab, along with copy/paste of the exact error message you're
seeing.
--
Bill Moran
http://www.potentialtech.com
http://people.collaborativefusion.com/~wmoran/
More information about the freebsd-questions
mailing list