On Mon, Oct 19, 2020 at 06:28:50PM +0000, Martin wrote: > I'd like to have two encrypted 1TB disks in RAID 1 mirror mode (no hardware > RAID installed). Is it possible to use bioctl for that purpose or do I need > to use HW RAID and encrypt mirrored disks with bioctl -cC -l /dev/sd1a > softraid0 ? > Please advice.
Yes, it's possible, and quite common I guess. OpenBSD cannot boot from an encrypted softraid(4) RAID 1+CRYPTO though, so true RAID 1+CRYPTO FDE is not achieveable. (You'll have to leave an unencrypted partition for root so that the system can boot into singleuser. When not finding the remaining of fstab(5) mounts, rc(8) will complain and stop and give you the option to drop to a prompt where you can manually bioctl(8) the CRYPTO partition before continue booting. Kinda cumbersome since every (re)boot will have to be performed attended, so you should carefully consider whether your data is truly so important as to justify the added troubles.) Cheers, Erling
