Re: testing email from Damon Chesser, debian-user list

To: "Damon L. Chesser" <damon@damtek.com>
Cc: debian-user@lists.debian.org
Subject: Re: testing email from Damon Chesser, debian-user list
From: "Douglas A. Tutty" <dtutty@vianet.ca>
Date: Fri, 28 Nov 2008 22:50:28 -0500
Message-id: <[🔎] 20081129035028.GB6730@titan.hooton>
Mail-followup-to: "Damon L. Chesser" <damon@damtek.com>, debian-user@lists.debian.org
In-reply-to: <1227891932.3990.57.camel@dam-main.damtek.org>
References: <[🔎] 20081127052502.GA12171@titan.hooton> <1227891932.3990.57.camel@dam-main.damtek.org>

Hi Damon,

No, I did not receive the email.

I'll test again on the box (once only) and see what happens if I type in
the wrong password.

The mess up happend as part of a multi-mode failure:  At the same time,
I wanted the ext3 filesystems mounted with data=journal, so I changed it
in fstab but forgot to change it in /boot/grub/menu.list under bootargs
to the kernel.

Thanks for confirming that it should work as I expect.

Doug.


On Fri, Nov 28, 2008 at 12:05:32PM -0500, Damon L. Chesser wrote:
> Doug,
> 
> My email I set to debian-user in response to your encrypted disk issue
> did not show up on the list.  I emailed you privately my possible
> solution to your problem.  I then sent a test email to the list which
> did not show up.  Did you receive my personal email (following)?  I am
> trying to find out if debian is filtering my email as spam or if perhaps
> the problem is on my hosted provider.
> 
> Thanks!
> 
> Damon Chesser
> damon@damtek.com
> 
> ---------------copy of email sent ----------------------------------
> 
>                               From: 
> Damon L. Chesser <damon@damtek.com>
>                           Reply-To: 
> damon@damtek.com
>                                 To: 
> Douglas A. Tutty <dtutty@vianet.ca>
>                            Subject: 
> Re: encrypted fs, ensure pw correct
> to continue boot?
>                               Date: 
> Thu, 27 Nov 2008 12:17:22 -0500
> 
> Doug,
> 
> I sent this to the list, but I don't see it coming through.  I seem to
> have issues with the debian spam filters, but in any case, I am
> resending this to you in the event you find it useful.
> 
> On Thu, 2008-11-27 at 00:25 -0500, Douglas A. Tutty wrote:
> > Hello all,
> > 
> > I have encrypted partitions on my new box (/home, swap, (tmp on
> tmpfs),
> > /var/local, /var/tmp).  The cryptsetup initscripts prompt for the
> > passphrase during boot.  If you type the wrong passphrase, it says
> that
> > it didn't work but the boot continues anyway.  
> > 
> > I'd like the boot to stop (perhaps doing an immediate reboot) rather
> > than continuing.  The cryptdisks set up happens at
> > /etc/rcS.d/S26cryptdisks-early and S28cryptdisks, inbetween
> > S25libdevmapper1.02 and S30checkfs.sh.
> > 
> > Would it make sense to insert an initscript at say S29 that verifies
> > somehow that the passwords were correct and forces a reboot if not?
> I'd
> > have to single step (from init=/bin/sh) through these and check what
> > happens in /dev at each point to see exactly what to test.
> > 
> > What is prompting this is that during testing, I had done a shutdown
> -rF
> > now, and mis-typed the passphrase on boot-up.  It seemed like e2fsck
> > went ahead and tried to "fix" the undecrypted partition and hosed it.
> I
> > don't want to try to repeat this to make sure that this is what
> > happened, so this is an unsubstantiated suspicion only.
> > 
> > In any event, I'd rather have the machine reboot than boot with a
> > missing partition (e.g. everything but /var/tmp or /home).
> > 
> > Doug.
> 
> Doug,
> 
> Interesting.  I would submit the set up is wrong.  I encrypted my drive
> using Lenny and it will not proceed with out the correct PW.
> 
> Here is what I did, using Lenny D-I RC1
> 
> 1. made a /boot, choose the rest of the disk for use in encrypted
> volume.  
> 
> 2. Came back about 3 hours later when the random data write was over and
> put in my password.
> 
> 3.  Now back at the partition disk menu, selected from the top menu
> items, set up encrypted volume, choose use for LVM for fs.
> 
> 4.  from the top menu, picked configure Volume Group (or is it LVM, I
> forget)
> 
> 5.  Set up LVs for /, /usr,/tmp, /home, and /swap
> 
> 6.  return to the partition menu, selected fs for each of the above,
> 
> 7.  Continue with the Debian install.
> 
> swap must be => ram if you want to suspend to disk.
> 
> Now, I get the password request shortly after boot and if it fails, you
> do not pass go.  Suspend to Disk and Hibernate worked out of the box,
> fwiw, with only networking needed to be restarted so that the wireless
> will connect to the AP.
> 
> I don't know if this answers your questions, but I thought knowing what
> I did that worked, might help you.  I haven't a clue how to convert an
> existing system over.
> 
> HTH
> 
> 
> -- 
> Damon L. Chesser
> damon@damtek.com
> http://www.linkedin.com/in/dchesser
> 
> 
> 
>

Reply to:

References:
- encrypted fs, ensure pw correct to continue boot?
  - From: "Douglas A. Tutty" <dtutty@vianet.ca>

Prev by Date: Re: Driver webcam PWC.
Next by Date: Re: checkgmail
Previous by thread: encrypted fs, ensure pw correct to continue boot?
Next by thread: Etch and a half in commercial package
Index(es):
- Date
- Thread