Bug 263171 - add loader(8) and boot loader menu support for boot with OpenZFS-encrypted ROOT
Summary: add loader(8) and boot loader menu support for boot with OpenZFS-encrypted ROOT
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL: https://github.com/freebsd/freebsd-sr...
Keywords: feature, loader, needs-patch, needs-qa
Depends on:
Blocks:
 
Reported: 2022-04-09 06:51 UTC by Graham Perrin
Modified: 2024-11-02 23:38 UTC (History)
10 users (show)

See Also:

Attachments
Screenshot: FreeBSD boot loader menu (117.00 KB, image/png)
2022-04-09 06:51 UTC, Graham Perrin 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Graham Perrin freebsd_committer freebsd_triage 2022-04-09 06:51:46 UTC 
Created attachment 233089 [details]
Screenshot: FreeBSD boot loader menu

<https://www.freebsd.org/cgi/man.cgi?query=loader&sektion=8&manpath=FreeBSD>
Comment 1 Warner Losh freebsd_committer freebsd_triage 2024-01-17 23:49:38 UTC 
Is there a patch?
Comment 2 Paul Ivanov 2024-02-13 23:50:04 UTC 
A workaround for anyone else wanting to have an OpenZFS encrypted root, here are my notes from setting that up:

https://forums.freebsd.org/threads/the-quest-for-unencrypted-boot-and-zfs-native-encrypted.91940/#post-640041

It involves having a unencrypted /boot partition that doubles as / on initial boot into single user mode, then loads the zfs keys, mounts the encrypted / and re-roots to it (via `reboot -r`).