On Mon, Jun 20, 2016 at 02:00:20PM +0300, bootcr...@openmailbox.org wrote: > Hello! > > I have recently decided to use full disk encryption on my openbsd boxes. > > I've managed to do so and it's working, however for security reasons I want > to boot them from > another drive. > > Example: > I have computer with encrypted hard-drive(wd0). To boot it, I want to insert > a USB-flash drive(sd0) > and to boot from it in bios. I expect it run bootloader from sd0, > ask me password from my wd0 drive and then boot (wd0):/bsd. > However it's not working like that. When I'm booting from let's say > installation media, > it's simply not asking me the password, > and it seems there is no way to specificly ask bootloader to decrypt some > drive. > > I've read man pages and googled things like boot, installboot, > "cross-device install" etc but unsuccessfuly. > > > Is it(booting CRYPT hard drive from usb) possible? If yes, what am I doing > wrong? >
When you boot the machine, the boot loader should display a list of disks it has found. It looks something like this: disk: hd0+ hd1* sr0* In this example, the 'sr0' disk is the encrypted drive. Try booting from this disk with a command such as: boot sr0a:/bsd
