On Thu, Jan 14, 2010 at 01:31:55AM -0600, Scott Bennett wrote: > I used "glabel label" to label each of the file systems I have on > external > disk drives. Unfortunately, afterward I am now unable to "geli attach" any of > the GELI-encrypted file systems. The system is FreeBSD 7.2-STABLE. Is there > a way to get this to work? Or have I just lost everything in the encrypted > file systems?
Did you use 'geli init /dev/daXsY' and 'glabel label /dev/daXsY'? That will overwrite the geli metadata with the glabel metadata! Check /var/backups. There should be *.eli files there. Those are the automatic metadata backups that 'geli init' makes (at least in 8.0). You can restore those backups with 'geli restore'. Running 'geli init' again with the same parameters will not work, because 'geli init' uses a random component in the key generation. In other words, two inits with the same password will not generate the same key! What you should have done (for future refrence) is use geli(8) to create the encrypted device, then create a filesystem on that encrypted device with newfs(8) using the '-L' flag to set the volume name. Or use tunefs(8) to set the volume name later. These names will be automatically recognized next time you attach it and listed in /dev/ufs/. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
pgpHuSU1N8tAm.pgp
Description: PGP signature
