-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2007-11-26 at 00:10 +0100, Jan Tiggy wrote:
Carlos E. R. schrieb:
[...]
Ah, I see you did something similar later. You also need twofish there.
Thx Carlos I've sorted it out with your help.
We have been talking about encrypted filesystems in the opensuse-security mail list. You might be interested in reading about it in the archive, some interesting docs and sites have come out. If you use fstab entries with the encryption options there (like option "encryption=twofish256"), it will use the old "cryptoloop" method (<= 10.2). To use the new "dm-crypt" method (10.3) you need to use /etc/cryptotab or /etc/crypttab (they are different). In both cases you can manually mount/umount a partition using "/etc/init.d/boot.crypto start" or "stop": using cryptotab: /etc/init.d/boot.crypto start /crypto_mount_point using crypttab: /etc/init.d/boot.crypto start /crypto_partition_or_image_file It is not possible to mount encrypted filesystems by the new "dm-crypt" by using the command "mount" alone or entries in fstab; mount does not support it (yet?). A device mapper "thing" has to be created previously using cryptsetup. And, a kernel bug has come out affecting "cryptoloop": if you are affected, the encrypted filesystem freezes with no error logged, just that the apps writing there freeze and can not be halted. Requires hard power off :-( - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) Comment: Made with pgp4pine 1.76 iD8DBQFHUBuNtTMYHG2NR9URAkV4AJ4trqEtWTgX12bVqNZN8Qb0mnivCACcD/nh CbHqe+/u9fBvI4P1tHDVf1I= =vmUB -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org