Re: encrypted partition question
Hi Alexander,
Am Donnerstag, 4. September 2008 22:12:14 schrieb Alexander Golovin:
> Hi Frank!
>
> I've added "crypt /dev/hda6 none luks" string in /etc/crypttab
> file, what you had written, but unfartunately, I don't have the crypt
> file in /dev/mapper also.
> I think maybe when I hadn't used the debian installer to encrypt my
> partion then something absent in my system then.
> Maybe it's a good idea to use debian installer, but when I didn't
> use that I need to know how all this works step by step from install
> till configure and run.
> I'll try to do that with luksAddKey, but I'm still don't understand
> why it's not working yet.
Have you rebooted the system or started the cryptsetup(-early) script in
init.d? i don't know which one is the one, to initialize the
cryptographic subsystem. Maybe this scripts aren't activ in your
runlevel.
Just have a try on:
cryptsetup luksOpen /dev/hda6 crypt
This comand unlocks the crypted device after you insert the right
passsword or provide the right key. Afterwards you can mount your
mapped device.
If you can open the crypted device, the line above should work. To mount
it on booting with the fstab, you have to unlock the device first. The
entries in /etc/crypttab are used from the scripts in /etc/init.d/.
This scripts are cryptsetup and cryptsetup-early, as I mentioned above.
They will ask you for your passwort when booting and insert the device
in /dev/mapper/, later, when the devices from the fstab will be
mounted, the device is avible. I uses cryptsetup for my root partion,
home partition, swap and tmp. Last weekend I have transferd my home
partition on a new disk. On this disk I use LVM2 and have added
encryption similar to you. No, not like you, as I see in the moment:
cryptsetup -c aes-cbc-essiv:sha256 -y -s 256 luksFormat /dev/daten/home
I have spezified the algorithm and the size of the key, aswell as the
format. Maybe that is the reason, why it didn't work. If you haven't
written data on the partiton, you can just initialize the device again.
My fault, I'm using cryptsetup every time with luks so I didn't realize
that cryptsetup works without luks too.
Greetings
Frank
P.S.: You don't need to pm me, I'm subscribed to the list.
Reply to: