On 09/28/17 17:58, Stefan Sperling wrote: > On Thu, Sep 28, 2017 at 04:15:20AM +0200, Erling Westenvik wrote: >> On Thu, Sep 28, 2017 at 09:11:49AM +1000, tomr wrote: >>> I remember seeing a post, I think on undeadly.org, which went through >>> having the bootloader on password-encrypted usb drive, that also >>> contains a keyfile for the main disk. It said something like "I also >>> wanted the laptop to appear broken, and the disk full of random data, if >>> the usb drive wasn't present - rather than stopping at a password prompt" >> >> Here you go: >> >> http://www.undeadly.org/cgi?action=article&sid=20110530221728 > > Hi, I am the author of this undeadly article. > It is now very old and full of outdated information. > > Follow this FAQ section instead: > http://www.openbsd.org/faq/faq14.html#softraid
Well... there's nothing in the FAQ about using a keydisk at all, and there's no hints in bioctl(8) about using both a keydisk and a password together. The last comment on this thread describes what I'd like to do, which is to somehow have a keydisk *and* a passphrase: https://undeadly.org/cgi?action=article&sid=20131112031806