Hello misc@.
I have eagerly followed this article:
http://www.undeadly.org/cgi?action=article&sid=20110530221728
to try an encrypted root filesystem (all filesystems) installation
on a small USB disk with an USB memory stick key disk.
It works like a charm, very nice feature!
Now I want to make a copy of my key disk and have no exactly
equivalent USB memory stick, the one I have is slightly smaller
still claiming to be 8 GB, but a wee bit fewer sectors. And I was
"clever" when creating the working key disk in that I put one small
fdisk OpenBSD partition of 3 cylinders at the end of the disk
for the key disk partition. On the to be key disk copy I do the same,
the fdisk A6 partition at the last 3 cylinders of the disk.
Now, if I have the working key disk sd1, key disk partition d
of type RAID, and a newly labeled disk sd3 also with an equally
sized RAID partition 3 and do:
dd if=/dev/rsd1d of=/dev/rsd3d bs=512 count=16065
the disklabel of sd3 gets overwritten along with the key data.
I suspect I just have to know how many sectors to skip in the transfer
to avoid overwriting the new disk disklabel, or is there some other way
or more pitfalls when duplicating the key disk partition content?
Also, need I make sure the DUID of the key disk copy is the same as
on the working key disk?
I have a fairly recent snapshot:
OpenBSD 5.0-current (GENERIC.MP) #85: Fri Oct 7 13:05:46 MDT 2011
[email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP
Side note, unrelated:
bioctl softraid0
when running this encrypted root filesystem setup shows
what disks the crypto disk consists of, and there it shows
the key disk is one part of the crypto disk, but when the
key disk is roaming, the printout does not show that fact.
Instead it shows the original key disk name. The info for
the main disk is reflects the real disk name when roaming.
Bug?
--
/ Raimo Niskanen, Erlang/OTP, Ericsson AB
