-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Friday 2007-11-30 at 11:28 +0100, Carlos E. R. wrote:
Testing. I create in '/etc/cryptotab' the line:
/dev/loop6 /biggy/crypta_f.mm.x /mnt/crypta.mm.x xfs twofish256 noauto,user,noatime,nodiratime
nimrodel:~ # /etc/init.d/boot.crypto start /mnt/crypta.mm.x /mnt/crypta.mm.x: xfs doesn't exist skipped Please enter passphrase for /biggy/crypta_f.mm.x: Command failed: Key reading error /biggy/crypta_f.mm.x... failed
Sorry, my fault. I had a temporary line left over from copypasting. It works! nimrodel:~ # /etc/init.d/boot.crypto start /mnt/crypta.mm.x Please enter passphrase for /biggy/crypta_f.mm.x: [/sbin/fsck.xfs (1) -- /dev/mapper/cryptotab_loop6] fsck.xfs -a /dev/mapper/cryptotab_loop6 /sbin/fsck.xfs: XFS file system. /biggy/crypta_f.mm.x... done Reading your web page, I have a new doubt: ] Example: new /etc/crypttab and /etc/fstab for twofish256 cryptoloop ] image ] ] crypttab: ] ] secret /secret.img none cipher=twofish-cbc-plain,size=256,hash=sha512,itercountk=100 ] ] fstab: ] ] /dev/mapper/secret /secret ext2 noauto,acl,user_xattr 0 0 Currently I'm using /etc/cryptotab: /dev/loop6 /biggy/crypta_f.mm.x /mnt/crypta.mm.x xfs twofish256 noauto,user,noatime,nodir which seems easier that crypttab, but if the needed options are those you write there, then it is easy enough. However... Do I need the fstab line if I mount it via /etc/init.d/boot.crypto? Because mounting via boot.crypto is obviously simpler than the three line commands you write: ] losetup /dev/loop0 /secret.img ] cryptsetup --hash sha512 --cipher twofish-cbc-plain --key-size 256 create secret_img /dev/loop0 ] mount /dev/mapper/secret_img /secret [...] It appears I'll have to move things to crypttab: entries in cryptotab with noauto ignore it: nimrodel:~ # /etc/init.d/boot.crypto start Activating crypto devices using /etc/cryptotab ... /dev/disk/by-id/ata-ST3320620A_5QF2M56F-part15: cryptotab_loop0 alreadskippedd Please enter passphrase for /biggy/crypta_f.mm.x: [/sbin/fsck.xfs (1) -- /dev/mapper/cryptotab_loop6] fsck.xfs -a /dev/mapper/cryptotab_loop6 /sbin/fsck.xfs: XFS file system. /biggy/crypta_f.mm.x... done The second entry,, which is noaouto, tries to mount. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHT/UdtTMYHG2NR9URAlEuAJwOLUvKKGK0unDRDKifam9epkGzHACeKOVv 87u9941QFibn78xhB00L+R0= =H++J -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org