configuring cgd on netbsd

not enough keyholes

i followed this chapter on cgd for netbsd, but there were a few places where i got stuck and i thought i’d just note them here in case i (or other peeps out there on the interwebs) try to do this again. these notes are in order but be sure to use the cgd chapter. these are more like guidelines anyway.

– to boot into single user mode, reboot then when netbsd is counting down right after the bios, press any key to stop the countdown and then type boot -s to boot in single user mode

– one doesn’t need to use dump to get data off, use netcat + tar to copy to a remote machine (a good option when you don’t have an external drive or cd burner). so on the machine where you want to install cgd, once it’s in single user mode, run:

# tar -czvf – | nc servername port

and on the machine where you are receiving the data:

$ nc -l -p port > file.tgz

– when you are trying to edit partitions with disklabel, know that disklabel on netbsd supports interactive mode with -i and that it isn’t in the disklabel man page at all. to delete the data partitions you want to move to cgd, first launch disklabel in interactive mode, then pull up a partition by typing in the letter of the partition, then choose “unused” for filesystem type, start offset of zero, partition size of zero, then repeat for the other partitions you want to delete, then choose W for write and yes to confirm “label disk?”. that will delete the partitions you need.

– when you need to recreate your new partitions after scrubbing and configuring cgd with a passphrase, run disklabel again in interactive mode and put back the partitions you had the first time following the sizes and names of the partitions from your backup of disklabel you did before starting this whole process. make the new partitions of type 4.2BSD, not ccd. make the partitions in the order in which they were from your original disklabel backup to make adding each one easier (the start point is just the letter of the partition that comes before).

– to copy your data back, use tar and nc in reverse, but you may have to copy apps from /rescue to get things to work and be sure to save your original nc in a place where it won’t get wiped (i.e. save it in /tmp when you are scrubbing your data). when using tar be sure to add the flag to preserve permissions, otherwise you will get some wonky behavior everywhere. vi may be missing so you will need to use cat to edit your fstab and >> to append the cgd=YES line to rc.conf.

other than that, the cgd chapter is quite complete. can i get a w00t for encrypted hard drives please?

Leave a Reply