If I don't want to use "none" and be prompted for the passphrase, how can I
do it? I have the passphrase on a USB thumb drive, but how do I specify the
key file name? /dev/sdc1/somedirectory/somefile ??
Cassiano Bertol Leal wrote:
>
> On Thu, Sep 4, 2008 at 5:23 PM, Alexander Golovin
> <[EMAIL PROTECTED]>wrote:
>
>>
>> Hi Cassiano!
>
>
> Hi!
>
>
>> You've written:
>> "a far as I know the mapping should be recreated each time you reboot
>> using /sbin/cryptsetup. We are using luks extension and at each reboot
>> we need to issue cryptsetup luksOpen </dev/name> <mappername>.
>>
>
>
> The text above was actually from Andrea Bicciolo, to which I replied:
>
>
>> /etc/crypttab should make the use of this command unecessary. The
>> passphrase will then be asked at boot time."
>>
>
> Can you describe how to we need do that?
>
>
> To me it seems that what you've described in your first e-mail is pretty
> much ok.
>
> The problem you're facing is that the encrypted volume is not being
> de-crypted and this is the reason why the device (the actual partition
> inside the encrypted vol) is not being mapped into /dev/mapper.
>
> In step 3 (from your original e-mail) you are inserting only two fields
> into
> /etc/crypttab, but this file mandates four fields: target, source device,
> key file and options.
>
> - Target is the device that will be created in /dev/mapper (in your
> example,
> "crypt" without the quotes);
> - Source device is the actual device or partition (/dev/hda6) that's
> encrypted
> - Key file is where the system will read the key to de-crypt the volume.
> If
> set to "none", you will be asked for a passphrase, which I assume is your
> case
> - Options can be many things. For LUKS, just put "luks". For more options,
> refer to "man /etc/crypttab"
>
> My guess is that if you correct your step 3 to include all four fields in
> /etc/crypttab you will be automatically asked for the passphrase next time
> you boot the machine, so edit the file and substitute:
>
> crypt /dev/hda6
>
> for
>
> crypt /dev/hda6 none luks
>
> Save the file and reboot. If it does not work, post back your experience.
>
> My experience with manually encrypted partitions is somewhat limited, but
> overall it should work as I described.
>
> Cheers,
> Cassiano Leal
>
>
--
View this message in context:
http://www.nabble.com/encrypted-partition-question-tp19316048p19591597.html
Sent from the Debian User mailing list archive at Nabble.com.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]