kiela · January 26, 2022 16:00
diff --git a/ZFS_geli_freebsd b/ZFS_geli_freebsd
 root@rizzo ~$ uname -a
 FreeBSD rizzo.heimdall.pl 9.1-RELEASE FreeBSD 9.1-RELEASE #0: Wed Mar 13 21:02:32 CET 2013 [email protected]:/sys/amd64/compile/rizzo  amd64
 root@rizzo ~$ kldload opensolaris
 root@rizzo ~$ kldload zfs
 root@rizzo ~$ kldload geom_eli
 root@rizzo ~$ gpart destroy -F da0
 da0 destroyed
 root@rizzo ~$ gpart create -s gpt da0
 da0 created
 root@rizzo ~$ gpart add -t freebsd-zfs -a 4096 da0
 da0p1 added
 root@rizzo ~$ mkdir /boot/encryption
 root@rizzo ~$ dd if=/dev/random of=/boot/encryption/storage.key bs=4096 count=1
 1+0 records in
 1+0 records out
 4096 bytes transferred in 0.000111 secs (36945955 bytes/sec)
 root@rizzo ~$ geli init -b -B /boot/da0p1.eli -e AES-XTS -K /boot/encryption/storage.key -l 256 -s 4096 /dev/da0p1
 Enter new passphrase:
 Reenter new passphrase:

 Metadata backup can be found in /boot/da0p1.eli and 
 can be restored with the following command:

 	# geli restore /boot/da0p1.eli /dev/da0p1

 root@rizzo ~$ geli attach -k /boot/encryption/storage.key /dev/da0p1
 Enter passphrase:
 root@rizzo ~$ zpool create storage /dev/da0p1.eli
 root@rizzo ~$ zfs set mountpoint=/storage storage
 root@rizzo ~$ zfs create storage/movies
 root@rizzo ~$ zfs create storage/music
 root@rizzo ~$ zfs create storage/others
 root@rizzo ~$ zfs set mountpoint=/storage/movies storage/movies
 root@rizzo ~$ zfs set mountpoint=/storage/music storage/music
 root@rizzo ~$ zfs set mountpoint=/storage/others storage/others
 root@rizzo ~$ echo 'zfs_load="YES"' >> /boot/loader.conf
 root@rizzo ~$ echo 'aesni_load="YES"' >> /boot/loader.conf
 root@rizzo ~$ echo 'geom_eli_load="YES"' >> /boot/loader.conf
 root@rizzo ~$ echo 'geli_da0p1_keyfile0_load="YES"' >> /boot/loader.conf
 root@rizzo ~$ echo 'geli_da0p1_keyfile0_type="da0p1:geli_keyfile0"' >> /boot/loader.conf
 root@rizzo ~$ echo 'geli_da0p1_keyfile0_name="/boot/encryption/storage.key"' >> /boot/loader.conf
 root@rizzo ~$ shutdown -r now

 Done!
	root@rizzo ~$ uname -a
	FreeBSD rizzo.heimdall.pl 9.1-RELEASE FreeBSD 9.1-RELEASE #0: Wed Mar 13 21:02:32 CET 2013 [email protected]:/sys/amd64/compile/rizzo amd64
	root@rizzo ~$ kldload opensolaris
	root@rizzo ~$ kldload zfs
	root@rizzo ~$ kldload geom_eli
	root@rizzo ~$ gpart destroy -F da0
	da0 destroyed
	root@rizzo ~$ gpart create -s gpt da0
	da0 created
	root@rizzo ~$ gpart add -t freebsd-zfs -a 4096 da0
	da0p1 added
	root@rizzo ~$ mkdir /boot/encryption
	root@rizzo ~$ dd if=/dev/random of=/boot/encryption/storage.key bs=4096 count=1
	1+0 records in
	1+0 records out
	4096 bytes transferred in 0.000111 secs (36945955 bytes/sec)
	root@rizzo ~$ geli init -b -B /boot/da0p1.eli -e AES-XTS -K /boot/encryption/storage.key -l 256 -s 4096 /dev/da0p1
	Enter new passphrase:
	Reenter new passphrase:

	Metadata backup can be found in /boot/da0p1.eli and
	can be restored with the following command:

	# geli restore /boot/da0p1.eli /dev/da0p1

	root@rizzo ~$ geli attach -k /boot/encryption/storage.key /dev/da0p1
	Enter passphrase:
	root@rizzo ~$ zpool create storage /dev/da0p1.eli
	root@rizzo ~$ zfs set mountpoint=/storage storage
	root@rizzo ~$ zfs create storage/movies
	root@rizzo ~$ zfs create storage/music
	root@rizzo ~$ zfs create storage/others
	root@rizzo ~$ zfs set mountpoint=/storage/movies storage/movies
	root@rizzo ~$ zfs set mountpoint=/storage/music storage/music
	root@rizzo ~$ zfs set mountpoint=/storage/others storage/others
	root@rizzo ~$ echo 'zfs_load="YES"' >> /boot/loader.conf
	root@rizzo ~$ echo 'aesni_load="YES"' >> /boot/loader.conf
	root@rizzo ~$ echo 'geom_eli_load="YES"' >> /boot/loader.conf
	root@rizzo ~$ echo 'geli_da0p1_keyfile0_load="YES"' >> /boot/loader.conf
	root@rizzo ~$ echo 'geli_da0p1_keyfile0_type="da0p1:geli_keyfile0"' >> /boot/loader.conf
	root@rizzo ~$ echo 'geli_da0p1_keyfile0_name="/boot/encryption/storage.key"' >> /boot/loader.conf
	root@rizzo ~$ shutdown -r now

	Done!