From nobody@FreeBSD.org  Tue Jun 14 03:50:58 2011
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CD78F106568A
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 14 Jun 2011 03:50:58 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id BD9818FC08
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 14 Jun 2011 03:50:58 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p5E3owpF002183
	for <freebsd-gnats-submit@FreeBSD.org>; Tue, 14 Jun 2011 03:50:58 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id p5E3ow80002182;
	Tue, 14 Jun 2011 03:50:58 GMT
	(envelope-from nobody)
Message-Id: <201106140350.p5E3ow80002182@red.freebsd.org>
Date: Tue, 14 Jun 2011 03:50:58 GMT
From: Robert Simmons <rsimmons0@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: kbdmux prevents geli passwords from being entered properly on boot
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         157863
>Category:       kern
>Synopsis:       [geli] kbdmux prevents geli passwords from being entered properly on boot
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-geom
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jun 14 04:00:20 UTC 2011
>Closed-Date:    
>Last-Modified:  Wed Jun 13 13:30:12 UTC 2012
>Originator:     Robert Simmons
>Release:        8.2-RELEASE
>Organization:
>Environment:
>Description:
If you initialize a geli encrypted provider using the "-b" flag to have it ask for the password during boot and you have kbdmux enabled as it is by default there is a conflict and the correct password is not accepted.
>How-To-Repeat:
Initialize a geli encrypted provider with the "-b" option.
Add it to fstab so it is mounted at boot.
Reboot.
Notice that the correct password is rejected.
>Fix:
The workaround is to add the following line to /boot/device.hints
hint.kbdmux.0.disabled="1"

You can confirm that you are entering the correct password by adding the following line to /boot/loader.conf
kern.geom.eli.visible_passphrase=1

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-geom 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Tue Jun 14 07:09:10 UTC 2011 
Responsible-Changed-Why:  
affects geli 

http://www.freebsd.org/cgi/query-pr.cgi?pr=157863 

From: Thomas Steen Rasmussen <thomas@gibfest.dk>
To: bug-followup@FreeBSD.org, rsimmons0@gmail.com, stable@freebsd.org
Cc:  
Subject: Re: kern/157863: [geli] kbdmux prevents geli passwords from being
 entered properly on boot
Date: Wed, 13 Jun 2012 14:19:40 +0200

 Hello,
 
 Just to let everyone know that this is still an issue.
 
 I am trying to install FreeBSD 9.0 amd64 on a Lenovo X121e and I
 can't get it to accept the geli passphrase during boot. I've confirmed
 using kern.geom.eli.visible_passphrase=1 that the passphrase is
 correct, and the same passphrase is accepted when the system is
 booted up.
 
 I've tried disabling kbdmux in /boot/device.hints like the PR said,
 but that didn't help. I also tried disabling atkbd and atkbdc without
 any luck, infact I couldn't type anything at all when disabling those.
 
 Any hints or suggestions to what I might try ? I have another 9-stable
 laptop that mounts a geli volume at boot, no idea why that one works
 and this new one doesn't.
 
 
 Thanks in advance,
 
 /Thomas Steen Rasmussen
 

From: Fabian Keil <freebsd-listen@fabiankeil.de>
To: Thomas Steen Rasmussen <thomas@gibfest.dk>
Cc: bug-followup@FreeBSD.org, rsimmons0@gmail.com, stable@freebsd.org
Subject: Re: kern/157863: [geli] kbdmux prevents geli passwords from being
 entered properly on boot
Date: Wed, 13 Jun 2012 15:01:57 +0200

 --Sig_/jm6NxO_vQgiPA42WSE/jqH/
 Content-Type: text/plain; charset=US-ASCII
 Content-Transfer-Encoding: quoted-printable
 
 Thomas Steen Rasmussen <thomas@gibfest.dk> wrote:
 
 > Just to let everyone know that this is still an issue.
 >=20
 > I am trying to install FreeBSD 9.0 amd64 on a Lenovo X121e and I
 > can't get it to accept the geli passphrase during boot. I've confirmed
 > using kern.geom.eli.visible_passphrase=3D1 that the passphrase is
 > correct, and the same passphrase is accepted when the system is
 > booted up.
 >=20
 > I've tried disabling kbdmux in /boot/device.hints like the PR said,
 > but that didn't help. I also tried disabling atkbd and atkbdc without
 > any luck, infact I couldn't type anything at all when disabling those.
 
 If disabling kbdmux doesn't help, it sounds like a different issue to me.
 
 > Any hints or suggestions to what I might try ? I have another 9-stable
 > laptop that mounts a geli volume at boot, no idea why that one works
 > and this new one doesn't.
 
 Are you using the password together with a keyfile?
 
 I've misconfigured the keyfile in loader.conf in the past,
 which results in the valid password not being accepted.
 
 Obviously the setup then magically works later on when the
 keyfile is specified correctly on the command line.
 
 If you aren't using keyfiles, you could try setting up an USB
 stick with geli, to confirm that the same media works on one
 laptop, but doesn't on the other.
 
 Fabian
 
 --Sig_/jm6NxO_vQgiPA42WSE/jqH/
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Disposition: attachment; filename=signature.asc
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (FreeBSD)
 
 iEYEARECAAYFAk/Yj0sACgkQBYqIVf93VJ1sMQCgrrw4AUCzDoohr2ILzk9xKYu6
 IosAmwUmEvoKKeOeILOsLvmQb+BcIUU9
 =liCA
 -----END PGP SIGNATURE-----
 
 --Sig_/jm6NxO_vQgiPA42WSE/jqH/--

From: Thomas Steen Rasmussen <thomas@gibfest.dk>
To: Fabian Keil <freebsd-listen@fabiankeil.de>
Cc: bug-followup@FreeBSD.org, rsimmons0@gmail.com, stable@freebsd.org
Subject: Re: kern/157863: [geli] kbdmux prevents geli passwords from being
 entered properly on boot
Date: Wed, 13 Jun 2012 15:20:26 +0200

 On 13-06-2012 15:01, Fabian Keil wrote:
 > Thomas Steen Rasmussen <thomas@gibfest.dk> wrote:
 >
 >> Just to let everyone know that this is still an issue.
 >>
 >> I am trying to install FreeBSD 9.0 amd64 on a Lenovo X121e and I
 >> can't get it to accept the geli passphrase during boot. I've confirmed
 >> using kern.geom.eli.visible_passphrase=1 that the passphrase is
 >> correct, and the same passphrase is accepted when the system is
 >> booted up.
 >>
 >> I've tried disabling kbdmux in /boot/device.hints like the PR said,
 >> but that didn't help. I also tried disabling atkbd and atkbdc without
 >> any luck, infact I couldn't type anything at all when disabling those.
 >
 > If disabling kbdmux doesn't help, it sounds like a different issue to me.
 
 You are right, shame on me for polluting an innocent PR with
 unrelated stuff. More info below.
 
 >
 >> Any hints or suggestions to what I might try ? I have another 9-stable
 >> laptop that mounts a geli volume at boot, no idea why that one works
 >> and this new one doesn't.
 >
 > Are you using the password together with a keyfile?
 
 Yes I am.
 
 > I've misconfigured the keyfile in loader.conf in the past,
 > which results in the valid password not being accepted.
 >
 > Obviously the setup then magically works later on when the
 > keyfile is specified correctly on the command line.
 
 This (a small typo in keyfile in loader.conf) was the
 problem, and I need to get my eyes examined :-)
 
 geli could be better at explaining the problem though.
 
 Thank you Fabian! Just what I needed.
 
 
 Apologies for the noise,
 Thomas Steen Rasmussen
 
 
>Unformatted:
