On Saturday 18 October 2008 03:28:02 Carlos E. R. wrote:
On Friday, 2008-10-17 at 18:20 +0100, Bob Williams wrote:
The problem I have is getting the USB drive mounted before /home, so that the encryption software can find a valid passphrase there, rather than requiring me to type one in.
But that was already solved, wasn't it?
No, but read on
Unless... you mean you need the usb stick mounted before the system tries to mount /home? If that's your problem, I think it is easy to solve. You just have to run the script earlier in the boot sequence. It is controlled by this line:
Yes, that's what I wanted to do, and I solved it (with help from my son) by running either # udevinfo -a -p /sys/block/sdx or # udevinfo --query=all --name=sdx sdx is the current drive allocation of the usbstick, eg. sda, sdb, sdc etc. From the output of this command, you can get some unique strings to identify the device, which you then write into the following line (the bits beginning with ENV, use one or more) ENV{ID_SERIAL_SHORT}=="00012345ABCDE", ENV{ID_MODEL}=="YP-MT6", SYMLINK+="put_your_name_here" which you put into the following, newly created file /etc/udev/dules.d/61-CUSTOM-storage.rules Next, edit /etc/init.d/boot.crypto, adding the following lines (I put them between blocks of ###, for easy identification) echo "Custom Early USB Mount" modprobe usb_storage sleep 5 mount -n -t vfat -o rw,umask=111 /dev/"put_your_name_here" /media/"put_your_name_here" (you may have to edit the 'mount' line if your stick is not vfat) Then, edit /etc/crypttab to contain the following line home /dev/sdxn /media/folder/key luks (this is the path to the file on your USB stick which is acting as the keyphrase - it can be anything, text, jpg etc) and finally, if you haven't created the keyfile yet, do the following at a bash prompt cryptsetup luksAddKey /dev/sdxn media/folder/key In fact I also had to change /etc/fstab so that the line starting cr_sdxn which pointed to my encrypted partition actually started with /dev/mapper/home Anyone wanting to try this will have to fiddle around with the above to suit your system, but it works for me, so I didn't get round to doing
# Required-Start: $syslog $remote_fs $local_fs $kbd
I think that removing the local_fs and remote_fs will do it. Maybe also syslog, because it will need writing somewhere. Kbd need to stay, you need the keyboard to type the password.
After editing that line, you also need to run "chkconfig scriptname on" again.
-- Cheers, Carlos E. R.
Bob -- Registered Linux User #463880 FSFE Member #1300 GPG-FP: A6C1 457C 6DBA B13E 5524 F703 D12A FB79 926B 994E openSUSE 11.0, Kernel 2.6.25.11-0.1-default, KDE 4.1.1 Intel Celeron 2.53GB, 2GB DDR RAM, nVidia GeForce 7600GS -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org