As recently noted on this list, if you ask you will find the answer; often by yourself.
A bit of hexdump'ing gave an empirical answer at least for i386. On Fri, Oct 14, 2011 at 12:03:38PM +0200, Raimo Niskanen wrote: > Hello misc@. > > I have eagerly followed this article: > http://www.undeadly.org/cgi?action=article&sid=20110530221728 > to try an encrypted root filesystem (all filesystems) installation > on a small USB disk with an USB memory stick key disk. > It works like a charm, very nice feature! > : > > Now, if I have the working key disk sd1, key disk partition d > of type RAID, and a newly labeled disk sd3 also with an equally > sized RAID partition 3 and do: > dd if=/dev/rsd1d of=/dev/rsd3d bs=512 count=16065 > the disklabel of sd3 gets overwritten along with the key data. > > I suspect I just have to know how many sectors to skip in the transfer > to avoid overwriting the new disk disklabel, or is there some other way > or more pitfalls when duplicating the key disk partition content? The disklabel appears to use the first 2 sectors of the disk. First mostly PBR boot code and then the partition table. The key disk data starts after 16 sectors and only seem to need 1 sector. So the dd command would be: dd if=/dev/sd1d of=/dev/sd3d bs=512 count=16049 skip=16 seek=16 I have not tried it, but mending the disklabel after the erroneous first tried dd above actually made it work... > > Also, need I make sure the DUID of the key disk copy is the same as > on the working key disk? It works with a different DUID and that is very nice since it is good if different disks have different DUIDs. > > I have a fairly recent snapshot: > OpenBSD 5.0-current (GENERIC.MP) #85: Fri Oct 7 13:05:46 MDT 2011 > [email protected]:/usr/src/sys/arch/i386/compile/GENERIC.MP : -- / Raimo Niskanen, Erlang/OTP, Ericsson AB
