[Sorry for the formatting. I wanted to reorder the comments.] My system works fine, but I was very interested in Carlos' suggestions. Here are my observations:
They would mount if available at boot time, if the service is enabled:
nimrodel:~ # chkconfig boot.crypto boot.crypto on
and the device is available at that time. It prompts for a password during boot up.
boot.crypto tries, but fails to find the partitions at boot time. In fact, it fails without delay. The relevant line from the boot.msg is: Activating crypto devices using /etc/cryptotab ...failed actually, while booting, there are messages to the effect that the specified partitions are not available. Later in the file is: System Boot Control: The system has been set up Failed features: boot.crypto It does try to start the USB system and waits 3 seconds before attempting to mount the encrypted drives. The drive lights are on. (These are MyBooks that power up/down with the computer.)
As I mentioned previously, you can also use fstab for encrypted partitions. For instance, one of mine:
/device_or_file /mnt/crypto xfs noauto,loop=/dev/loop4,encryption=twofish256 0 0
I doubt labels could be used here, but I assume dev-ids would - I never thought of that till reading this thread ;-)
Right, there is no way to label an encrypted partition as far as I can tell. I moved the specs to fstab, but no go. At boot, the system doesn't seem to know about encryption and just says: mount: going to use the loop device /dev/loop0 /dev/disk/by-id/usb-WD_<snip>-part1: No such file or directory mount: failed setting up loop device for each drive. Here, the drive lights are not yet on. Subsequently, trying to manually mount the partitions as root gives: ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or key length (256 bits) not supported by kernel I am curious as to why the initial boot.crypto fails, why booting with the specs in fstab doesn't invoke boot.crypto, and why my kernel doesn't support 256 bit encryptions. Actually, I guess I just didn't specify something about the latter when I installed, but I'm not going to reinstall the kernel at this time - everything does work as originally described.
sync/nosunc?
Not sure the relevance here for encrypted partitions. I am running with whatever the default is and previous discussions seemed tp focus on FAT32 files systems and such. Best, ds Carlos E. R. wrote: ...<snip> -- Dennis E. Slice Department of Anthropology University of Vienna ======================================================== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org