geli setkey n 1 anomaly :: or am I missing something
Shamim Shahriar
shamim.shahriar at gmail.com
Tue Sep 27 14:01:32 UTC 2016
Good afternoon all, I am having some difficulty with geli. I am trying to
set up an encrypted provider for my users, using the setkey feature, but it
is not working.
system: FreeBSD 11-RC3
from the man page
Create an encrypted provider, but use two User Keys: one for your
employee and one for you as the company's security officer (so it is
not
a tragedy if the employee "accidentally" forgets his passphrase):
# geli init /dev/da2
Enter new passphrase: (enter security officer's passphrase)
Reenter new passphrase:
# geli setkey -n 1 /dev/da2
Enter passphrase: (enter security officer's passphrase)
Enter new passphrase: (let your employee enter his passphrase
...)
Reenter new passphrase: (... twice)
Following this path, I have encrypted a provider, ada0p4
# geli init -e aes-xts -l 256 -K geli.key /dev/ada0p4
Enter new passphrase: # I enter my passphrase
Reenter new passphrase: # I re-enter my passphrase
all is good.
Now, I am trying to set up the passphrase for the colleague
# geli setkey n 1 -k geli.key /dev/ada0p4
Enter passphrase: # entered my passphrase
Enter new passphrase: # entered colleague's passphrase
Reenter new passphrase: # re-entered colleague's passphrase
As I try to attach using colleague's passphrase, I get a Wrong key error.
My key works fine.
# geli attach -k geli.key /dev/ada0p4
Enter passphrase: # I put colleague's passphrase
Wrong key
I am not sure what I am doing wrong. any pointer will be greatly
appreciated. If you require further information, please do not hesitate
to ask.
Thanks and regards
More information about the freebsd-questions
mailing list