Reid Linnemann wrote:
Written by Rolf G Nielsen on 07/27/07 16:37>>
Reid Linnemann wrote:
Written by Reid Linnemann on 07/27/07 15:49>>
Written by Rolf G Nielsen on 07/27/07 15:21>>
Hi,
I recently purchased a new USB keyboard, since my old PS/2 one has
seen its best days. This has caused me annoying problems with my
ELI disks, though.
I have four SATA harddrives, all of which are encrypted using ELI
encryption. I've encrypted the raw disks, ad0, ad1, ad2 and ad3.
The resulting devices ad0.eli, ad1.eli, ad2.eli and ad3.eli, I've
concatenated into a large device, cc0, on which I have several
partitions. To get this working, I of course need to boot from a
separate device, and for that I use an SD card, which holds a boot
directory. With my old PS/2 keyboard, this worked like a charm, but
it seems to me, the ukbd driver isnt activated until after the ELI
encryption, which means I'm unable to enter the passphrases for the
disks, thus I can't get the computer passed the first passphrase
prompt.
Currently I have both the old keyboard and the new USB one
connected. I use the PS/2 one to enter the passphrases, then I put
it on the floor under my desk and use the USB keyboard. As you may
very well understand, this is quite annoying. Is there a way to get
the USB keyboard to work at the point where I enter the passphrases?
I've tried to change the keys for the disks to not use a
passphrase, but only keyfiles and load them from loader.conf, just
as described in the GELI man page (yes I did set the -P option),
but that simply will not work (and to be honest, it's not a
solution I'd favour); if I set the -b option (ask for passphrase on
boot), it still asks for the passphrase, though there is none, and
if I set the -B option (don't ask for passphrase on boot), the
computer ends up at the "mountroot>" prompt.
I'd appreciate any help.
Sincerly,
Rolf Nielsen
Try setting hints.atkbd0.disabled to 1 in the loader, or in the
device.hints file. Your usb keyboard may work in early stages with
that device hint.
Erm, set the hint in the loader _first_, and then only put it in
device.hints if it works!
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
Moreover, the usb keyboard works upto and including the boot menu (I
guess the hardware is strictly under BIOS control then, and the kernel
doesnt really know if the keboard is usb or ps/2). Then, as soon as
the kernel starts probing devices, it stops working. It comes back
when daemons have been started. Does usbd have to be running for a usb
keyboard to work? If so, could it be worked around?
That I don't know. It seems to me that the USB keyboard operates in one
of two modes - through the bios or through a device driver. When the
system is yet to come up, the PC BIOS is able to talk with the USB
keyboard, else you wouldn't be able to type commands in the loader. At
some point, I guess the OS aborts talking to the USB keyboard through
the BIOS until a driver is loaded. However, I'm not a kernel hacker, so
this is only a guess and someone more knowledgeable should respond to
the thread at this point.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
Reid: No problem. Thanks a lot for your time anyway. :)
Anyone:
I read in the ukbd man page, the the USB keyboard will be detected after
the console driver initializes itself. However, I also noted a macro
named UPROTO_BOOT_KEYBOARD in the the /usr/src/sys/dev/usb/ukbd.c file.
I'm not a kernel hacker either, and my C skills date back to the late
90's, when I created various simple apps for Windoze, so I can't really
see what the macro does (it's obviously a flag of some kind; it's
defined as 1). Though its name suggests to me, that it might be possible
to make it work when the ELI passphrase is supposed to be entered. If
its not possible ( in that case, I hope it will be made possible in a
near future release), I'd be willing, as a fallback, to accept a no
passphrase solution, but as I also mentioned in my original post, I
can't make that work. I did exactly what the geli man page says (I
substituted the device names of course). Is the man page complete?
Should there be some flags set, that tells the kernel not to ask for a
passphrase, and only use the loaded keyfiles? I have ELI support
compiled into the kernel, but I've also tried it with the geom_eli KLD,
with the exact same result.
--
Vänligen / Sincerly,
Rolf Nielsen
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
