On Sat, Mar 07, 2026 at 07:35:43PM -0600, Tim Chase wrote: > On 2026-03-07 17:38, Theo de Raadt wrote: > > Placing a softraid key disk on top of a vnd doesn't make sense. > > It allows unlocking a primary drive with a password, availing the > keyfile/key"disk" that then unlocks subsequent disks (rather than > needing to enter a password for each of the subsequent disks).
You can easily do this without vnd. Just FDE the boot disk, store passphrases for each of the subsequent disks in files in /etc/, and modify /etc/rc to attach those disks immediately before rc calls fsck.
