On Sat, 20 Jul 2013, Erling Westenvik wrote:
> On Fri, Jul 19, 2013 at 01:16:44PM -0400, Kenneth R Westerback wrote:
> > On Fri, Jul 19, 2013 at 06:15:49PM +0200, Erling Westenvik wrote:
> > > Maybe a stupid question, but is it possible to have a i386 machine
> > > configured with FDE to automatically direct to serial console BEFORE
> > > the passphrase prompt?
> > >
> > > The steps below require the machine to have an attached keyboard
> > > and monitor initially.
> > >
> > > If I hit Enter at the passphrase prompt, the boot prompt will
> > >
> > > appear and let me switch to serial console:
> > > > set tty com0
> > >
> > > From the serial console I can the type:
> > > > boot sr0a:/bsd
> > >
> > > which gives me the passphrase prompt again on the console machine.
> > >
> > > It would be really nice to be able to boot a headless FDE. Am I missing
> > > something? Is this design by intention?
> > >
> > > Cheers,
> > >
> > > Erling
> >
> > There's always boot.conf(5), into which you can put 'set tty com0' last
> > I checked.
>
> Of course, but not on an fully encrypted disk where root, and hence
> /etc/boot.conf, won't get available until the passphrase is entered.
>
> Since it is possible to exit the passphrase prompt, enter "set tty com0"
> at the boot(8) prompt and then go back to the passphrase prompt again
> from serial console, it must be possible to compile this functionality
> into boot(8)? (I'm really way out of my league here..)
This can be easily achieved by creating a tiny 'a' partition, which contains
nothing but an /etc/boot.conf file with:
set tty com0
boot sr0a:/bsd
That way once boot(8) loads, it reads hd0a:/etc/boot.conf, then switches to
serial and starts booting from the encrypted softraid volume.
Otherwise you could use a modified boot(8), which defaulted to serial - see
constab in sys/arch/i386/stand/boot/conf.c for example.
--
"Action without study is fatal. Study without action is futile."
-- Mary Ritter Beard
