|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Using vnd as keydisk for bioctl?
Hi.
Is it possible to use a vnd(4) as a keydisk for bioctl(8)? (crypted disk mount on /mnt/xyz correctly with one keydisk) My attempt: Code:
$ doas dd if=/dev/zero of=disk.img bs=1g count=1 $ doas vnconfig disk.img vnd0 $ doas disklabel -E /dev/vnd0c Label editor (enter '?' for help at any prompt) /dev/vnd0c> p g OpenBSD area: 0-2097152; size: 1.0G; free: 1.0G # size offset fstype [fsize bsize cpg] c: 1.0G 0 unused /dev/vnd0c> a a offset: [0] size: [2097152] FS type: [4.2BSD] RAID /dev/vnd0c*> w /dev/vnd0c> q No label changes. $ doas dd bs=8192 seek=1 if=bckp.k.img of=/dev/rvnd0a 110914+0 records in 110914+0 records out 908607488 bytes transferred in 80.264 secs (11320180 bytes/sec) $ doas bioctl -c C -k vnd0a -l 892fc22d89c0ff24.a softraid0 Nov 14 14:43:48 srvr /bsd: softraid0: vnd0a is not a key disk
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 Last edited by CiotBSD; 14th November 2022 at 04:25 PM. |
|
|||
vmctl? plz, explain.
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 |
|
||||
The vmctl(8) command used to manage hypervisor guests has a "create" option which creates sparse files.
I have added my console output to my response above, where you can see I used the vmctl(8) command to create the backing storage for a 1 GB key disk and a 5 GB encrypted disk. |
|
|||
Ok, In your example, you initiate softraid with the virtual disk, created by vmctl. I understand.
(egual process than using dd) But, in the use case, where the softraid was created with a keydisk, and backuped. How can I use the backup as virtual disk?
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 |
|
||||
I just tested backup and recovery of the key partition using dd(1). Works fine. To keep it manageable I used a small, 5MB key disk.
Code:
# # create disks: # vmctl create -s 5m /tmp/key.disk vmctl: raw imagefile created # vmctl create -s 5g /tmp/encrypted.disk vmctl: raw imagefile created # vnconfig vnd0 /tmp/key.disk # vnconfig vnd1 /tmp/encrypted.disk # disklabel -E vnd0 Label editor (enter '?' for help at any prompt) vnd0> a a offset: [0] size: [10240] FS type: [4.2BSD] raid vnd0*> w vnd0> q No label changes. # disklabel -E vnd1 Label editor (enter '?' for help at any prompt) vnd1> a a offset: [0] size: [10485760] FS type: [4.2BSD] raid vnd1*> w vnd1> q No label changes. # # create softraid disk: # bioctl -c C -k /dev/vnd0a -l /dev/vnd1a softraid0 softraid0: CRYPTO volume attached as sd2 # disklabel -E sd2 Label editor (enter '?' for help at any prompt) sd2> a a offset: [0] size: [10485232] FS type: [4.2BSD] sd2*> w sd2> q No label changes. # newfs sd2a /dev/rsd2a: 5119.7MB in 10485216 sectors of 512 bytes 26 cylinder groups of 202.50MB, 12960 blocks, 25920 inodes each super-block backups (for fsck -b #) at: 160, 414880, 829600, 1244320, 1659040, 2073760, 2488480, 2903200, 3317920, 3732640, 4147360, 4562080, 4976800, 5391520, 5806240, 6220960, 6635680, 7050400, 7465120, 7879840, 8294560, 8709280, 9124000, 9538720, 9953440, 10368160, # mount /dev/sd2a /mnt # echo this is a test file > /mnt/test.file # umount /mnt # # detach softraid drive and back up key disk: # bioctl -d sd2 # dd if=/dev/rvnd0a of=/tmp/key.disk.dd.backup 10240+0 records in 10240+0 records out 5242880 bytes transferred in 0.342 secs (15329018 bytes/sec) # # test recovery with a new key drive: # vmctl create -s 5m /tmp/new.key.disk vmctl: raw imagefile created # vnconfig vnd2 /tmp/new.key.disk # disklabel -E vnd2ke Label editor (enter '?' for help at any prompt) vnd2> a a offset: [0] size: [10240] FS type: [4.2BSD] raid vnd2*> w vnd2> q No label changes. # dd if=/tmp/key.disk.dd.backup of=/dev/rvnd2a 10240+0 records in 10240+0 records out 5242880 bytes transferred in 4.678 secs (1120655 bytes/sec) # bioctl -c C -k /dev/vnd2a -l /dev/vnd1a softraid0 softraid0: CRYPTO volume attached as sd2 # mount /dev/sd2a /mnt # cat /mnt/test.file this is a test file # |
|
|||
@jggimi: thanks.
But, I dont known why, this not runs on my use case. (perhaps, it's due to I use crypted HD).
__________________
GPG:Fingerprint ed25519 : 072A 4DA2 8AFD 868D 74CF 9EA2 B85E 9ADA C377 5E8E GPG:Fingerprint rsa4096 : 4E0D 4AF7 77F5 0FAE A35D 5B62 D0FF 7361 59BF 1733 |
|
||||
Please note that my backup and restore were of the keydisk partition (backup from: /dev/rvnd0a, restore to: /dev/rvnd2a), only, and were not of the entire drive.
Last edited by jggimi; 17th November 2022 at 02:06 AM. Reason: clarity |
Tags |
bioctl, openbsd, vnd |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
OpenBSD adds boot(8) support for keydisk-based softraid crypto volumes | J65nko | News | 0 | 12th November 2013 09:24 AM |