Re: Linux disk partition encryption
On Wed, 26 Jan 2011 14:13:09 -0600
green <greenfreedom10@gmail.com> wrote:
> Hopefully your questions have been answered. I used cryptsetup and LUKS for 2
> partitions. I have never had exactly 0 problems with it. LUKS support for
> multiple passwords has been helpful.
I've had several problems:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541835
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524485
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=588697
That first one was a real head-scratcher, causing a fair amount of time
and aggravation. It baffled the the Debian maintainer, as well as
kernel devs, for a while.
> Now I don't remember that you actually requested a HOWTO, but here it is
> anyway.
>
> It is easy, just:
> 1. Create/choose partition
It is often suggested to first write random data to the partition, to
make attacks more difficult, e.g.:
http://www.hermann-uwe.de/blog/howto-disk-encryption-with-dm-crypt-luks-and-debian
> 2. cryptsetup luksFormat /dev/sdxn (Give it a passphrase and verify)
> 3. cryptsetup luksOpen /dev/sdxn name (give it the passphrase)
> 4. mkfs /dev/mapper/name
> 5. Add a line to /etc/crypttab
> 6. Add a line to /etc/fstab
> 7. mount /dev/mapper/name /mnt/point
>
> Now everything should be operational and should show up the same way on a
> reboot (will ask you for the passphrase).
You can also look into using keyfiles, as I mentioned in another
message in this thread.
Celejar
--
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: