Even without `geom_eli_load="YES"` in /boot/loader.conf (or without any loader.conf), you are still prompted for the passphrase to any geli
device with the boot flag.
This means you can't boot a FreeBSD image to repair your install if
you don't have physical, serial or kvm access to just press enter
until all the passphrase prompts are gone and the system actually
boots up and is reachable via network.
I'm currently facing this issue at Hetzner and, at least for me,
it represents a major hurdle for setting up and maintaining
encrypted dedicated machines remotely.
If geli isn't loaded (and it shouldn't be by default, right?)
these prompts should just be skipped to allow rescue systems
to actually boot.
I'm on 12.1-RELEASE but I'm pretty sure this behavior is true
for all FreeBSD versions I have come into contact with in the
PS: Very unsure of what the right component to select was,
feel free to re-assign it to whatever fits best.
Also: bug 204969, bug 221526