encrypting an external HDD filesystem and GNOME3 support
Hi,
I am interested in creating an encrypted partition (ideally
LVM logical volume) on an external disk, which I will want
to attach and detach from my laptop whilst running. I use
the GNOME3 environment and am looking for a robust solution
which doesn't require too much fuss.
It would appear that GNOME3/nautilus/udisks (or some
combination thereof) has some rudimentary support for
detecting and mounting LVM volume groups, logical
volumes and dm_crypt devices. However the dm_crypt+LVM
combination doesn't work well yet, at all (what happens
is described below)
My question is, does anyone currently achieve a
hot-pluggable, encrypted filesystem, accessible with the
minimum of fuss via a modern GUI environment, and if so,
what do they use?
Thanks in advance for any answers.
(details about how well LVM/dm_crypt and GNOME3 play
together follow)
If I plug a disk with an LVM-formatted partition, an icon
for the VG appears in nautilus. Clicking on that requires
user authentication, after which an icon appears for the
LVs within.
For a plain (non-encrypted) LV, double-clicking that
requires another user authentication, upon which the LV
is mounted.
For an encrypted LV, double-clicking it prompts for a
decryption passphrase, then follows up with an
authentication prompt (as above).
I then get an error message ("Internal error: No mount
object for mounted volume") and a pop-up telling me that
a filesystem has appeared simultaneously. The filesystem
appears to be mounted. However, when you unmount the volume
in nautilus, the dm_crypt device is not properly closed.
It would appear that LVM/dm_crypt are not adequately
supported in the desktop stack yet, but that they probably
will be soon. The two auth prompts in the non-encrypted
case may be possible to configure away via policykit.
ii gnome-shell 3.2.2.1-2
ii nautilus 3.2.1-3
ii udisks 1.0.4-5
ii lvm2 2.02.88-2
ii cryptsetup 2:1.4.1-2
--
Jon Dowland
Reply to: