[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-current
Subject: Re: Encrypted swap partition no longer encrypted
From: Graham Perrin <grahamperrin () gmail ! com>
Date: 2021-08-27 11:22:36
Message-ID: a87cfab9-ea7f-f589-5fe3-fb22a93a1386 () gmail ! com
[Download RAW message or body]
On 27/08/2021 10:10, Ronald Klop wrote:
> … change "/dev/ada0p2" to "/dev/ada0p2.eli" in the new fstab and reboot. …
Strange, I thought I tried that before writing. One of the first things
that I would have tried.
Anyhow: now, it has the required effect.
----
An additional mystery. Before replacement of the internal hard disk, I
had swap at:
/dev/ada0p3.eli
With that disk now external, in the dock on USB, metadata can not be
read (geli attach fails). I'm happy for this to remain mysterious;
assume that non-encrypted data somehow crept in, use sswap(1) to
securely delete whatever might be there.
----
% swapinfo
Device 1M-blocks Used Avail Capacity
/dev/ada0p2.eli 16384 0 16384 0%
% sysrc dumpdev
dumpdev: /dev/ada0p2.eli
% grep swap /etc/fstab | grep -v \#
/dev/ada0p2.eli none swap sw,late
0 0
% sudo geli attach /dev/da0p3
grahamperrin's password:
geli: Cannot read metadata from /dev/da0p3: Invalid argument.
geli: There was an error with at least one provider.
% lsblk
DEVICE MAJ:MIN SIZE
TYPE LABEL MOUNT
ada0 0:121 932G
GPT - -
ada0p1 0:123 260M efi gpt/efiboot0 -
<FREE> -:- 1.0M
- - -
ada0p2 0:125 16G freebsd-swap
gpt/swap0 SWAP
ada0p2.eli 2:67 16G
freebsd-swap - SWAP
ada0p3 0:127 915G freebsd-zfs
gpt/zfs0 <ZFS>
ada0p3.eli 0:135 915G
zfs - -
<FREE> -:- 708K
- - -
cd0 0:129 0B
- - -
da0 0:184 466G
GPT - -
da0p1 0:189 200M efi msdosfs/EFISYS -
da0p2 0:192 512K freebsd-boot gpt/gptboot0 -
<FREE> -:- 492K
- - -
da0p3 0:193 16G freebsd-swap
gpt/swap0 SWAP
da0p4 0:194 450G freebsd-zfs
gpt/zfs0 <ZFS>
da0p4.eli 0:198 450G
zfs - -
<FREE> -:- 4.0K
- - -
da1 0:199 0B
- - -
da2 0:200 0B
- - -
da3 0:203 0B
- - -
da4 0:208 0B
- - -
da5 0:217 466G
GPT - -
<FREE> -:- 1.0M
- - -
da5p1 0:218 466G freebsd-zfs gpt/Transcend <ZFS>
da6 0:225 14G
GPT - -
<FREE> -:- 1.0M
- - -
da6p1 0:226 14G freebsd-zfs gpt/cache-transcend <ZFS>
da7 0:247 29G
GPT - -
da7p1 0:248 29G freebsd-zfs gpt/cache-august <ZFS>
% sudo geli attach da0p3
geli: Cannot read metadata from da0p3: Invalid argument.
geli: There was an error with at least one provider.
% fstyp /dev/da0p3
fstyp: /dev/da0p3: filesystem not recognized
%
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic