On 2017-02-06, Tinker <[email protected]> wrote: > How use a HDD as crypto softraid root filesystem media, but put boot > code and cryto softraid keydisk partition (and perhaps /boot file and/or > kernel) on an USB disk?
Create a bootable OpenBSD area with two OpenBSD partitions on the USB stick: 'a' with type 4.2BSD and let's say 'd' with type RAID. They can be really small, 1MB each is fine: # size offset fstype [fsize bsize cpg] a: 2048 64 4.2BSD 2048 16384 64 c: 7928832 0 unused d: 2048 2112 RAID i: 7924672 4160 MSDOS Let's say the USB stick is sd1. Create a filesystem with newfs(8) on sd1a. Mount this partition, say on /mnt. Create a directory /mnt/etc/ and a file /mnt/etc/boot.conf with the line set device sr0a Install a bootstrap to the USB stick with # installboot -r /mnt sd1 /usr/mdec/biosboot /usr/mdec/boot Later, when you create the softraid crypto volume, use the USB stick's other OpenBSD partition as key disk. E.g.: # bioctl -c C -k sd1d -l sd0a softraid0 When you boot from the USB stick, the unencrypted boot loader on 'a' is executed. It assembles the softraid volume, automagically using 'd' as the key disk. It next reads /etc/boot.conf from the stick's 'a' file system, then switches the boot device to the softraid volume, and runs the kernel there. Presto! -- Christian "naddy" Weisgerber [email protected]
