Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO: Use the new baselayout for filesystem-encryption
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
christianbarth
n00b
n00b


Joined: 10 Jun 2005
Posts: 2
Location: Karlsruhe- Germany

PostPosted: Fri Jun 17, 2005 10:50 pm    Post subject: Problem Solved Reply with quote

I recently r-emerged baselayout (same version) and now everything is working fine
:D
Back to top
View user's profile Send private message
tfh
n00b
n00b


Joined: 03 Aug 2004
Posts: 59
Location: AFAD

PostPosted: Mon Jun 20, 2005 8:50 am    Post subject: Reply with quote

Hello all, this new baselayout seems very interesting.
I actualy use encryption with dm_crypt on an headless machine, so typing in a passphrase is not possible.
Right now i store my key on a cdrom, that way if my comp is booted up without the cdrom in then my custom init script won't find the keyfile and won't mount the encrypted partition.
Plus regarding lawenforcement it's better to not even know the key. That way you can't give it up :p.

So does anyone know if it's possible to store the key on an external media with the new baselayout ?


tfh
_________________
tfh
GPG Key:0x960AAEF2
Key Fingerprint: 6763 E0E0 29AC A928 2612 4B14 15FE 6A45 960A AEF2
Back to top
View user's profile Send private message
Nimo
Tux's lil' helper
Tux's lil' helper


Joined: 23 Nov 2003
Posts: 111

PostPosted: Sat Jun 25, 2005 6:47 pm    Post subject: Reply with quote

I've got swap encrypting working as it should using normal sysvinit, but when using initng "swapon -s" gives no output. What should I do to enable it in initng?
_________________
//Nimo
Back to top
View user's profile Send private message
kmbarr
n00b
n00b


Joined: 14 Sep 2004
Posts: 10

PostPosted: Fri Jul 01, 2005 2:26 pm    Post subject: No Device Appearing in /dev/mapper Reply with quote

I just did a fresh build last week using the 2.6.11-gentoo-r11 stage 3 build and was having the same problem as christianbarth, all the required packages were installed with the latest versions, my /etc/conf.d/cryptfs and /etc/fstab files were updated [very similar to Christian's], but the device was not getting built in /dev/mapper. I could build the device manually with cryptsetup, mkswap, and swapon and it would work.

Following Christian's advice, I re-emerged baselayout [and cryptsetup while I was at it]. This left me with 40 files in /etc that needed to be updated; so the next step was `etc-udpate`. I had to work through the files manually :x--most of the files could be replaced with the new versions, but in a few cases this would've overwritten important configuration infomration. Thanks for pointing me the right direction, Christian.

I think the critical issues were in /etc/init.d/localmount and /etc/init.d/checkfs...a number of other scripts in /etc did not appear to be the latest version [besides a lot of changes to 40 files, many of the existing files carried 2004 copyright dates], even though emerge reported that I was re-emerging the same version of baselayout. I think this is a problem with the current 2005.0 builds.

(edit) It looks like a recommendation to upgrade baselayout has been added in the appropriate place in the documentation.
Back to top
View user's profile Send private message
Massimo B.
Veteran
Veteran


Joined: 09 Feb 2005
Posts: 1568
Location: Germany

PostPosted: Sun Oct 30, 2005 4:35 pm    Post subject: Reply with quote

swap encryption works fine. But is there an HowTo for encrypting /home with the baselayout? HowTos like Encrypt a filesystem in a loopback file via dm_crypt don't use the baselayout.
_________________
ppc:PowerBook5,8 15"(1440)-G4/1.67,2G|amd64:HP EliteBook 8560w,i7-2620M,16G|Acer Z5610 (Core2QuadQ8200),8G|amd64-prefix:OpenSuse|HP EliteDesk 800G1 i7-4790|HP Compaq Pro 6300 i7-3770
Lila-Theme
Back to top
View user's profile Send private message
lirel
n00b
n00b


Joined: 20 Jan 2007
Posts: 1

PostPosted: Sat Jan 20, 2007 1:52 pm    Post subject: Re: Problem: no swap after encryption Reply with quote

christianbarth wrote:
I tried to encrypt my swap, but something is still wrong. I added the descriped kernel-options:

--*snip*--

Finally my /etc/conf.d/cryptfs:
Code:
cat /etc/conf.d/cryptfs
# /etc/conf.d/cryptfs
# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/cryptfs.confd,v 1.2 2005/05/21 06:10:25 vapier Exp $
#--*snip*--
# If no makefs is given then mkswap will be assumed
swap=cryptswap
source='/dev/hda2'


--*snip*--

Thx Christian


you should correct this like(crypt[dash]swap):
Code:
nano -w /etc/conf.d/cryptfs
swap=crypt-swap
source='/dev/hda2'



regards lirel
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum