> From [email protected] Mon Aug 21 15:08:32 2017 > Date: Sat, 19 Aug 2017 15:42:27 -0400 > From: Philippe Meunier <[email protected]> > To: Ted Unangst <[email protected]> > Subject: Re: Full disk encryption questions > > >> - is there a way to get the computer to boot again, short of wiping the > >> disk with dd and starting from scratch again? > > > >you can run installboot. use the softraid disk name. > > I tried, from the install USB: > > # installboot wd0 > installboot: /usr/mdec/biosboot: No such file or directory > # mount -t ffs /dev/sd0a /mnt > # cd / > # gzip -d -c /mnt/6.1/amd64/base61.tgz | tar xfv - ./usr/mdec/biosboot > ./usr/mdec/biosboot > # installboot wd0 > installboot: open /usr/mdec/boot: No such file or directory > # gzip -d -c /mnt/6.1/amd64/base61.tgz | tar xfv - ./usr/mdec/boot > ./usr/mdec/boot > # installboot wd0 > installboot: cross-device install > # >
As semarie@ told me in IRC, this is wrong. You need to use the "decrypted" device such as sd2 at scsibus4 targ 1 lun 0: <OPENBSD, SR CRYPTO, 006> SCSI2 0/direct fixed I ran (after mounting /mnt and /mnt/usr) installboot -v -r /mnt sd2 and can now boot. Now here are the differences First the raw disk: $ diff -u 0.sd0a.h 1.sd0a.h | more --- 0.sd0a.h Wed Aug 23 14:07:01 2017 +++ 1.sd0a.h Wed Aug 23 14:07:43 2017 @@ -499,16 +499,16 @@ 00001fd0 58 c6 2b c6 97 c1 70 21 ea 31 5d 6a 66 92 c1 cf |X.+...p!.1]jf...| 00001fe0 c5 97 1b a8 e9 8f 7e f8 da 0e 4e b2 d4 f6 15 db |......~...N.....| 00001ff0 21 f0 c7 a0 83 f9 f7 55 8c b2 32 8f b3 47 ff 09 |!......U..2..G..| -00002000 6d 61 72 63 43 52 41 4d 06 00 00 00 04 00 00 00 |marcCRAM........| +00002000 6d 61 72 63 43 52 41 4d 06 00 00 00 0c 00 00 00 |marcCRAM........| 00002010 5b 20 d2 31 20 bc 4c f4 8b 4f d6 89 f2 3c 3c a9 |[ .1 .L..O...<<.| 00002020 01 00 00 00 00 00 00 00 02 00 00 00 00 02 00 00 |................| 00002030 00 00 00 00 43 00 00 00 c0 d0 42 25 00 00 00 00 |....C.....B%....| 00002040 4f 50 45 4e 42 53 44 00 53 52 20 43 52 59 50 54 |OPENBSD.SR CRYPT| 00002050 4f 00 00 00 00 00 00 00 30 30 36 00 00 00 00 00 |O.......006.....| -00002060 67 d6 66 ae 3f 30 4c ba ee a7 7d df 40 1c af 13 |g.f.?0L...}.@...| +00002060 1a 0e e7 03 2a 5c ca bc 71 07 09 30 9f 3d b5 b7 |....*\..q..0.=..| 00002070 73 64 32 00 00 00 00 00 00 00 00 00 00 00 00 00 |sd2.............| 00002080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00002090 01 00 00 00 10 02 00 00 f2 00 00 00 00 00 00 00 |................| +00002090 01 00 00 00 10 02 00 00 f3 00 00 00 00 00 00 00 |................| 000020a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000020b0 73 64 30 61 00 00 00 00 00 00 00 00 00 00 00 00 |sd0a............| 000020c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| @@ -15323,7 +15323,7 @@ 000562e0 e4 6b 63 69 35 80 29 26 56 1f ef 01 0e b1 57 85 |.kci5.)&V.....W.| 000562f0 2b c2 3c 6a 72 67 47 1b 04 79 4e 90 77 0d c1 2f |+.<jrgG..yN.w../| 00056300 6b 48 2d e0 83 89 ec c7 f3 67 af 8c 86 e8 84 d0 |kH-......g......| -00056310 c6 8d 67 f5 57 ed 5b 6b 93 58 cf d3 c3 ef 5f b7 |..g.W.[k.X...._.| +00056310 87 f9 6e a0 a9 53 11 bc 64 b1 d3 0a 1f dc 4a 45 |..n..S..d.....JE| 00056320 7c 2e 4e e7 53 66 06 82 60 eb 1e 90 b4 fa 20 07 ||.N.Sf..`..... .| 00056330 16 2b 20 eb e8 04 d1 0c 7d ab bc cb 16 c3 c7 64 |.+ .....}......d| 00056340 09 c4 bb 29 df 4c 10 40 35 24 60 64 8a 54 10 53 |...).L.@5$`d.T.S| @@ -18443,7 +18443,7 @@ 000625e0 ae 01 6a 85 ac dd db ba c0 b7 70 e6 a6 d6 8b 49 |..j.......p....I| 000625f0 d9 39 ca 0b 86 aa e7 0e fb a0 f7 cc cb cc d5 27 |.9.............'| 00062600 02 43 d4 36 e4 fc 5b 5b c1 9f f4 e4 fa 4f dd 34 |.C.6..[[.....O.4| -00062610 ed 55 c2 ae 92 ad 06 7c 27 be 71 1e bc f8 8e 21 |.U.....|'.q....!| +00062610 e3 70 fe b3 b0 ab be 4d 33 26 7c 9e 84 ea 27 95 |.p.....M3&|...'.| 00062620 a8 77 9b 3c 01 ef b1 c9 49 86 f9 72 a0 30 e9 fe |.w.<....I..r.0..| 00062630 4e 88 bf 34 d6 f1 ae 69 ab 90 d4 7d 2c d3 ed 28 |N..4...i...},..(| 00062640 66 05 0b 7a 9f ce a1 28 3e cb 07 59 dc ad dd 19 |f..z...(>..Y....| And the crypto disk: $ diff -u 0.sd2a.h 1.sd2a.h | more --- 0.sd2a.h Wed Aug 23 14:07:19 2017 +++ 1.sd2a.h Wed Aug 23 14:08:01 2017 @@ -656,7 +656,7 @@ 0000c2e0 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 41 e7 |..............A.| 0000c2f0 23 00 00 00 23 00 00 00 00 00 00 00 00 00 00 00 |#...#...........| 0000c300 ed 41 2f 00 00 00 00 00 00 08 00 00 00 00 00 00 |.A/.............| -0000c310 fd c2 9d 59 f1 c5 6b 23 7d d7 9c 59 4e 2c d5 30 |...Y..k#}..YN,.0| +0000c310 32 c3 9d 59 08 ba 65 26 7d d7 9c 59 4e 2c d5 30 |2..Y..e&}..YN,.0| 0000c320 7d d7 9c 59 4e 2c d5 30 71 06 00 00 00 00 00 00 |}..YN,.0q.......| 0000c330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * @@ -3430,7 +3430,7 @@ 000185e0 00 00 00 00 00 00 00 00 60 06 00 00 94 2e 73 61 |........`.....sa| 000185f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00018600 a4 81 01 00 00 00 00 00 ca 01 00 00 00 00 00 00 |................| -00018610 fd c2 9d 59 60 3d fa 29 42 52 4c 59 17 93 71 33 |...Y`=.)BRLY..q3| +00018610 32 c3 9d 59 1c d5 91 2a 42 52 4c 59 17 93 71 33 |2..Y...*BRLY..q3| 00018620 48 52 4c 59 a3 f1 dd 2f 11 4b 00 00 00 00 00 00 |HRLY.../.K......| 00018630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * On sd0a: marcCRAM is the softraid magic number 0x200c is ssd_vol_flags from struct sr_metadata 0x2060 is a MD5 checksum 0x2098 is ssd_ondisk ssd_vol_flags 0x04 is BIOC_SCNOAUTOASSEMBLE ssd_vol_flags 0x08 is BIOC_SCBOOTABLE whose absence is suspicious But I don't have any theory on how it got that way to begin with. BIOC_SCBOOTABLE is set right now while my system is on. Martin
