April 30 2020 -CURRENT snapshot installer image. I have a test machine which has encrypted-root-on-ZFS from a previous run of the same installer; I intend to overwrite this partition. When the install USB stick boots it prompts: Consoles: EFI console GELI Passphrase for disk1p3: _ Putting in the passphrase lets the installer proceed as usual. However, if I do not enter the correct passphrase I get: GELI Passphrase for disk1p3: _ Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? GELI Passphrase for disk1p3: _ Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? GELI Passphrase for disk1p3: _ Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? [some loader.efi boot messages omitted] Setting currdev to disk1p3: GELI Passphrase for disk1p3: Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? GELI Passphrase for disk1p3: _ Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? GELI Passphrase for disk1p3: _ Calculating GELI Decryption Key for disk1p3: 1323855 iterations... Bad GELI key: bad password? [repeated many times] Failed to find bootable partition If I don't know the existing passphrase I'm unable to reinstall.
Even worse, I tried using the i386 installer on a machine with an existing GELI encrypted ZFS root. The installer didn't work at first due to PR246494. After working around that issue I was prompted for the GELI passphrase on boot, and upon entering the passphrase the already installed system booted.
This affects me too from the standpoint that why should I need to enter the GELI passphrase for existing disks when all I want to do is boot from the USB thumbdrive? I do know my password, but I don't want to be bothered with entering the password at boot up.