Re: How to mount a LUKS partiotion with Nautilus with option discard?
Am Mon, 01 Sep 2014 09:48:30 +0200 schrieb Jochen Spieker:
> Joerg Desch:
>>
>> I'm using a separate LUKS encrypted partition on my SSD, which I only
>> mount after login. Since there is now way to to this with
>> crypttab/fstab, I have to use Nautilus to do this.
>
> Hm? I don't understand why you say mounting manually is not possible
> with crypttab/fstab. Just make the entries as usual and add the option
> "noauto" in fstab.
OK, here is my /etc/crypttab
private_luks UUID=... none luks,noauto,discard
And this is my /etc/fstab
/dev/mapper/private_luks /media/privates ext4 user,nofail,noauto,noatime
The LUKS partition is installed on a PC where several people have access!
So I don't want the system to ask for the passphrase at boot time! It
must aks for the passphrase after the login!
If I use a LUKS encrypted USB stick, all this is done. But with a
partition on the SSD, Wheezys GNOME don't do it. I don't know why.
> The crypttab file supports the noauto option as well. Then
> you have to run two commands for mounting the filesystem:
>
> cryptdisks_start $mapped_device mount $mount_point
Is it possible to get this working with the GUI?
> You don't need the discard option for your filesystem to run fstrim. You
> only need it in /etc/crypttab. How do you tell that you "can't use
> fstrim"?
> Do you receive an error message when running fstrim?
Yes! ioctl failes while TRIm is not supported.
fstrim: /media/PRIVAT_C/: FITRIM ioctl failed: Die Operation wird nicht
unterstützt
> As pointed out above, this only shows the filesystem option. The status
> of your LUKS device can be queried like this:
>
> # cryptsetup status home-decrypted /dev/mapper/home-decrypted is active
> and is in use.
> type: LUKS1 cipher: aes-xts-plain64 keysize: 256 bits device:
> /dev/mapper/kida-home--crypt--lv offset: 4096 sectors size:
> 88436736 sectors mode: read/write flags: discards
>
/dev/mapper/udisks-luks-uuid-.... is active and is in use.
type: LUKS1
cipher: aes-cbc-essiv:sha256
keysize: 256 bits
device: /dev/sdb7
offset: 4096 sectors
size: 408795136 sectors
mode: read/write
Reply to: