
Re: Re: encrypted partition question



On Thu, Sep 4, 2008 at 5:23 PM, Alexander Golovin <alex.golovin@mail.ru> wrote:

 Hi Cassiano!

Hi!
 
You've written:
"As far as I know the mapping should be recreated each time you reboot
using /sbin/cryptsetup. We are using luks extension and at each reboot
we need to issue cryptsetup luksOpen </dev/name> <mappername>.


The text above was actually from Andrea Bicciolo, to which I replied: 


/etc/crypttab should make the use of this command unnecessary. The
passphrase will then be asked at boot time."

 Can you describe how we need to do that?

To me it seems that what you've described in your first e-mail is pretty much ok.

The problem you're facing is that the encrypted volume is not being decrypted and this is the reason why the device (the actual partition inside the encrypted vol) is not being mapped into /dev/mapper.

In step 3 (from your original e-mail) you are inserting only two fields into /etc/crypttab, but this file mandates four fields: target, source device, key file and options.

- Target is the device that will be created in /dev/mapper (in your example, "crypt" without the quotes);
- Source device is the actual device or partition (/dev/hda6) that's encrypted
- Key file is where the system will read the key to decrypt the volume. If set to "none", you will be asked for a passphrase, which I assume is your case
- Options can be many things. For LUKS, just put "luks". For more options, refer to "man /etc/crypttab"

My guess is that if you correct your step 3 to include all four fields in /etc/crypttab you will be automatically asked for the passphrase next time you boot the machine, so edit the file and substitute:

crypt /dev/hda6

for

crypt /dev/hda6 none luks

Save the file and reboot. If it does not work, post back your experience.

My experience with manually encrypted partitions is somewhat limited, but overall it should work as I described.

Cheers,
Cassiano Leal
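
An added example, not part of the original message: a small shell check that reads a crypttab-style file and reports entries that lack any of the four fields listed in the reply above. The function name check_crypttab and the temporary sample files are assumptions made for illustration; the two sample entries are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: check_crypttab is a hypothetical helper, not part of cryptsetup.
# It assumes the four-field layout described in the message above.

check_crypttab() {
    # $1: path to a crypttab-style file.
    # Prints one finding per entry; returns 1 if any entry lacks a field.
    awk '
        BEGIN { bad = 0 }
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        NF < 4 {
            printf "line %d: %s has %d of 4 fields (target, source device, key file, options)\n", NR, $1, NF
            bad = 1
            next
        }
        {
            # "none" as key file means the passphrase is requested interactively
            note = ($3 == "none") ? "passphrase asked at boot" : "key read from " $3
            if ($4 !~ /(^|,)luks(,|$)/) note = note ", no luks option"
            printf "line %d: %s -> /dev/mapper/%s (%s)\n", NR, $2, $1, note
        }
        END { exit bad }
    ' "$1"
}

# Constructed sample input: the two-field entry from the thread and its corrected form.
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT
printf '# <target> <source device> <key file> <options>\ncrypt /dev/hda6\n' > "$tmpdir/before"
printf '# <target> <source device> <key file> <options>\ncrypt /dev/hda6 none luks\n' > "$tmpdir/after"

check_crypttab "$tmpdir/before" || echo "before: entry incomplete"
check_crypttab "$tmpdir/after" && echo "after: all entries complete"
```

Running the function against the real /etc/crypttab before rebooting shows whether an entry is missing a field without touching the encrypted device.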

