cryptsetup dm_mod
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bonjour, I want to use cryptsetup to encrypt partitions and directories. When I use cryptsetup: cryptsetup --verbose --verify-passphrase luksFormat /home/jd/Documents/ for instance, the answer is: Command failed: Cannot communicate with device-mapper. Is the dm_mod module loaded? OK! but I cannot find any dm_mod module on my system and I don't know what package provides this module Thanks for any help. F.P. - -- François Patte UFR de mathématiques et informatique Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 4286 2145 http://www.math-info.univ-paris5.fr/~patte -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkreNbgACgkQdE6C2dhV2JVqAgCfWi7nSrhBPPuC+GZRxDJBp+MT l58AnRVBK91urR42FmjFYqu5VdYMkyoZ =a8BV -END PGP SIGNATURE- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
François Patte wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bonjour, I want to use cryptsetup to encrypt partitions and directories. When I use cryptsetup: cryptsetup --verbose --verify-passphrase luksFormat /home/jd/Documents/ for instance, the answer is: Command failed: Cannot communicate with device-mapper. Is the dm_mod module loaded? OK! but I cannot find any dm_mod module on my system and I don't know what package provides this module You can only encrypt entire devices (e.g. partitions), not individual directories or directory trees. I'm not sure how your partitioning is set up, but if you used the default, then you have a /boot partition and a / partition (which contains the /home directory). If that's the case, you can only encrypt /, not /home or /home/jd or /home/jd/Documents. In other words, you can only encrypt items starting with /dev in the first column of the output of the mount command. There are exceptions (encrypted NFS volumes and the like), but for 95% of the world, the preceeding is true. -- - Rick Stevens, Systems Engineer ri...@nerd.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- - Animal testing is futile. They always get nervous and give the - - wrong answers - -- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
François Patte wrote: OK! but I cannot find any dm_mod module on my system and I don't know what package provides this module When I encrypt directories (never tried partitions), I run: /sbin/modprobe cryptoloop (I think this loads dm-crypt, too). Likely dm-crypt will provide the module you lack. I am not very knowledgeable about this, but there are 2 ways, one way using dm-crypt and another way using LUKS. It looks like you are choosing the latter. Both methods use cryptsetup. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
Rick Stevens wrote: You can only encrypt entire devices (e.g. partitions), not individual directories or directory trees. I guess a disk image is considered a device (a loop device), because that is how I use it. I have never encrypted anything that begins with /dev. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
Rick Stevens wrote: You can only encrypt entire devices (e.g. partitions), not individual directories or directory trees. I'm not sure how your partitioning is set up, but if you used the default, then you have a /boot partition and a / partition (which contains the /home directory). If that's the case, you can only encrypt /, not /home or /home/jd or /home/jd/Documents. In other words, you can only encrypt items starting with /dev in the first column of the output of the mount command. There are exceptions (encrypted NFS volumes and the like), but for 95% of the world, the preceeding is true. An alternative for François would be to create a loopback filesystem and encrypt that. The result can be mounted at /home/jd/Documents/. Another alternative would be fuse-encfs. IMHO, I think encrypting / is the best all-around option. -- ToddOpenPGP - KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~ The more corrupt the state, the more numerous the laws. -- Tacitus, Roman senator and historian (A.D. c.56-c.115) pgpvOaF3D1qMk.pgp Description: PGP signature -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
Petrus de Calguarium wrote: Rick Stevens wrote: You can only encrypt entire devices (e.g. partitions), not individual directories or directory trees. I guess a disk image is considered a device (a loop device), because that is how I use it. I have never encrypted anything that begins with /dev. A loopback mount creates a device. Example: mounting an ISO image using mount -t iso9660 -o loop /path/to/isoimage.iso /mnt, then running mount shows: /dev/loop0 on /mnt type iso9660 (rw) Good enough? -- - Rick Stevens, Systems Engineer ri...@nerd.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- - Consciousness: that annoying time between naps. - -- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
Rick Stevens wrote: Good enough? Yes, I was not intending to refute what you had stated; rather to correct what I had said in my first post to this thread, namely: When I encrypt directories I realize that loops are associated with /dev/loopX and the device mapper also makes /dev/mapper/X. -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: cryptsetup dm_mod
Petrus de Calguarium wrote: Rick Stevens wrote: Good enough? Yes, I was not intending to refute what you had stated; rather to correct what I had said in my first post to this thread, namely: When I encrypt directories I realize that loops are associated with /dev/loopX and the device mapper also makes /dev/mapper/X. No offense taken. Just wanted to make sure that an explanation got into the list archives. Just glad we got it clarified and the OP understands that you have to encrypt entire devices (well, filesystems), not directories or directory trees. -- - Rick Stevens, Systems Engineer ri...@nerd.com - - AIM/Skype: therps2ICQ: 22643734Yahoo: origrps2 - -- - Consciousness: that annoying time between naps. - -- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines