[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trouble with encrypted filesystems



On Mon, Feb 05, 2007 at 10:31:19 +0100, Dan H. wrote:
> Hello, it's me again:
> 
> After "solving" my troubles with transferring data between different
> storage devices (see the recent thread "System freeze when copying
> files" on this list, archived at
> http://lists.debian.org/debian-user/2007/02/msg00129.html) by using the
> linux-image-2.6.18-486 kernel instead of the -k7 one (on a K7 machine),
> I thought I'd finally be ready to take the next step with my new
> portable USB drive: set up an encrypted partition on the USB disk to
> transfer stuff between my home and office computer. I don't like the
> idea of people getting their hands on my stuff should the disk get
> stolen or lost.
> 
> Anyway, I used cryptsetup to setup a partition (is there a way to
> somehow automate this, so that one doesn't have to use "cryptsetup
> create ..." each time before mounting the disk?)

With your kernel version and udev, hal, dbus + pmount it should be
possible to just plug in the drive, wait a few seconds until udev
creates the device node and mount it normally with pmount (it will ask
for the passphrase). This requires that you use LUKS and device mapper,
which is, I think, the recommended way nowadays, especially since it is
fully integrated into cryptsetup (starting with Etch).

>                                                  and started dumping
> data onto the disk. After few seconds: Hard freeze (system completely
> dead, needed cold reboot, no logs). To locate the problem I set up an
> encrypted partition on the local disk, to see if the problem is related
> to cross-device data transfer. Same result.
> 
> Moreover I noticed that just having an encrypted partition mounted
> --local or via USB-- will kill the system after a few minutes.

Can you post the exact commands you use to initialize the crypto device,
to create its file system and to mount/access it?

-- 
Regards,
          Florian



Reply to: