-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Friday 2007-11-30 at 12:33 +0100, Carlos E. R. wrote:
Currently I'm using /etc/cryptotab:
/dev/loop6 /biggy/crypta_f.mm.x /mnt/crypta.mm.x xfs twofish256 noauto,user,noatime,nodir
I tried to move to /etc/crypttab reading your instructions on the web page. But it doesn't work. /etc/crypttab: mycrypt_mm_f /biggy/crypta_f.mm.x none cipher=twofish-cbc-plain,size=256,hash=sha512,itercountk=100,noauto,loop /etc/fstab: /dev/mapper/mycrypt_mm_f /mnt/crypta.mm.x xfs noauto,user,noatime,nodiratime 1 4 nimrodel:~ # /etc/init.d/boot.crypto status /dev/disk/by-id/ata-ST3320620A_5QF2M56F-part15 [ loop0 mapped mounted running /biggy/crypta_f.mm.x unused nimrodel:~ # /etc/init.d/boot.crypto start /mnt/crypta.mm.x nimrodel:~ # nimrodel:~ # /etc/init.d/boot.crypto start /biggy/crypta_f.mm.x Please enter passphrase for /biggy/crypta_f.mm.x (mycrypt_mm_f): WARNING: hashlen truncated to 32 An error occurred. The passphrase may be wrong or the file system on /biggy/crypta_f.mm.x might be corrupted. To check the file system, enter Check. Retry entering the passphrase? ([yes]/no/check/) Please enter passphrase for /biggy/crypta_f.mm.x (mycrypt_mm_f): WARNING: hashlen truncated to 32 An error occurred. The passphrase may be wrong or the file system on /biggy/crypta_f.mm.x might be corrupted. To check the file system, enter Check. Retry entering the passphrase? ([yes]/no/check/) no /biggy/crypta_f.mm.x... skipped Conclusion: If I define the entry in /etc/cryptotab, the "noauto" setting is ignored and tries to mount during boot. Manually mounting later does work fine. I can use the mount point as specifier. If I define the entry in /etc/crypttab, the "noauto" setting works, but it can not mount (errors out) Plus, it does not accept the mount point as specifier, requires the file image. 1st: /etc/init.d/boot.crypto start /mnt/crypta.mm.x 2nd: /etc/init.d/boot.crypto start /biggy/crypta_f.mm.x which is harder to remember (it is contrary to mount command usage) - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHT/t+tTMYHG2NR9URAgWpAJ0c6y7y4bLGdxdPax+hpzxPWHDbQgCffLv1 VlH2L02JgI7jcpe5u9SXx5o= =rGNi -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org