Re: [gentoo-user] [OT crypto] How to encrypt a directory without root?
On Fri, Jan 01, 2010 at 10:57:20PM +0100, Ming-Che Lee wrote: > Maybe of some help: > > http://www.linuxjournal.com/article/9880 Looks good to me -- I use some FUSE encryption setup which looks similar, but it's been years since I set it up. It wasn't hard. It has one decided quirk which I consider a feature -- root can read the encrypted volume for backup but *cannot* access the plaintext volume. Another quirk is that filenames are padded to multiples of some configurable length before encryption; these are visible to root. I suppose root could even manipulate them, but I have never tried it. I mount and umount it without root, but I think it required initial root access to load a kernel module. Now that happens automatically. This may be a problem if you have no root access at all. If you need more details, I suppose I can figure out what I did, but that Linux Journal article looks pretty thorough. -- ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._. Felix Finch: scarecrow repairman & rocket surgeon / fe...@crowfix.com GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933 I've found a solution to Fermat's Last Theorem but I see I've run out of room o
Re: [gentoo-user] [OT crypto] How to encrypt a directory without root?
Harry Putnam wrote: I want to encrypt a directory heirarchy on a remote machine where I don't have root. I can use either an openbsd, or gentoo remote. Encfs could also be interesting for you. Johannes
Re: [gentoo-user] [OT crypto] How to encrypt a directory without root?
Hi, On Friday 01 January 2010 19:32:07 Harry Putnam wrote: > I want to encrypt a directory heirarchy on a remote machine where > I don't have root. I can use either an openbsd, or gentoo > remote. > Maybe of some help: http://www.linuxjournal.com/article/9880 Regards, Ming-Che
Re: [gentoo-user] [OT crypto] How to encrypt a directory without root?
Am Freitag 01 Januar 2010 19:32:07 schrieb Harry Putnam: > I want to encrypt a directory heirarchy on a remote machine where I > don't have root. I can use either an openbsd, or gentoo remote. Not having root access usually means no chance to mount something. That in turn means that you can only encrypt on a per file basis. The best tool for this would be GNU Privacy Guard (GPG). HTH... Dirk
Re: [gentoo-user] [OT crypto] How to encrypt a directory without root?
On Fri, 01 Jan 2010 12:32:07 -0600, Harry Putnam wrote: > I want to encrypt a directory heirarchy on a remote machine where I > don't have root. I can use either an openbsd, or gentoo remote. Provided the kernel has ecrypt support and the userspace utilities are installed, you can use ecrypt to encrypt a directory as an ordinary user. -- Neil Bothwick Gigabyte: (n.) more than you can comprehend and less than you'll need. signature.asc Description: PGP signature
[gentoo-user] Re: Externel drive should be /dev/sda1, but /dev/sda1 does not exist
On 01/01/2010 05:48 AM, Michael Sullivan wrote: Hello My wife's computer is pretty slow, so I've attached and old hard drive into a hard drive enclosure and hooked it into her USB port for additional swap space. It used to work. The swap space is supposed to be /dev/sda1. The problem is that for some reason when I rebooted this morning with a new kernel, /dev/sda does not exist anymore... Hm. So the only thing you changed was the new kernel? Might help to know why you built the new kernel. What problem were you solving by doing it? I would try booting the machine without the USB swap disk and then hotplug it when the machine is already running. What does dmesg say then? Can be simpler to interpret when you know exactly which lines were printed in response to the newly connected drive.
[gentoo-user] [OT crypto] How to encrypt a directory without root?
I want to encrypt a directory heirarchy on a remote machine where I don't have root. I can use either an openbsd, or gentoo remote.
[gentoo-user] Re: rsync reverts to old file versions
Grant writes: > rsync -vr --inplace --delete /path/to/music/ gr...@192.168.1.2:/path/to/music what OSs' are the hosts? I've had that happen a time or two when the source host was a windows machine, having something to do with the way windows handles permissions and dates. The windows files were seen as all new even though they had been rsynced the previous week and only a few additions had been made (Nothing was found to be `uptodate')
Re: [gentoo-user] Externel drive should be /dev/sda1, but /dev/sda1 does not exist
On Fri, 2010-01-01 at 16:12 +0200, Alan McKinnon wrote: > On Friday 01 January 2010 15:48:52 Michael Sullivan wrote: > > Hello > > > > My wife's computer is pretty slow, so I've attached and old hard drive > > into a hard drive enclosure and hooked it into her USB port for > > additional swap space. It used to work. The swap space is supposed to > > be /dev/sda1. The problem is that for some reason when I rebooted this > > morning with a new kernel, /dev/sda does not exist anymore. I'm at a > > lost as to what to do now. Here's dmesg, or at least the parts > > portaining to usb devices: > > does it make a difference if you disable CONFIG_USB_SUSPEND, which can be > done > by reloading the module "usbcore" with the option "autosuspend=-1" ? > catherine dev # modprobe usbcore autosuspend=-1 catherine dev # ls /dev/sda1 ls: cannot access /dev/sda1: No such file or directory Did I do this right?
Re: [gentoo-user] redirect connections to localhost
On Friday 01 January 2010 14:38:36 Etaoin Shrdlu wrote: > On Friday 01 January 2010, Alexander wrote: > > On Friday 01 January 2010 03:07:42 Etaoin Shrdlu wrote: > > > On Thursday 31 December 2009, Alexander wrote: > > > > Is there a way to redirect TCP connections from external network > > > > interfaces to the local/loopback in network 127.0.0.0/8? I need > > > > functionality like DNAT target in iptables. > > > > > > Uh...why don't you use DNAT then? > > > > This doesn't work, because kernel drops any packets that come from > > external network to 127.0.0.0/8. > > Of course it does. But in these cases, the workaround is assigning a > non-127 address to the lo interface, like 192.168.0.1/32 for example, and > DNAT to that address (and have whatever program should receive the data > listen on 192.168.0.1, of course). This way eats some private network address range and this could be cause of a collisions with an external private networks. Reconfiguring services for a new ip ranges isn't so easy procedure in general (let's consider device that should work just out of the box with a trivial configutation efforts). Thus it's important use some subsets of 127.0.0.0/8 network for that. I have just been advised to look at net-misc/stone or net-proxy/haproxy (thanks to has been adviced), but I'm not sure that this will work like DNAT.
Re: [gentoo-user] udev & baselayout
Neil Bothwick [10-01-01 15:04]: > On Fri, 1 Jan 2010 11:52:51 +0100, meino.cra...@gmx.de wrote: > > > the udev-scripts reports while booting that it is made for > > baselayout 2 and not for baselayout 1, which I am using. > > I tried to figure out, what version of udev I have to > > use for baselayout 1 with no success. > > The same version, but you don't need the init script with BL1. Remove it > from all runlevels with rc-update. > > Baselayout-1 starts a number of services automatically, including udev, > while BL2 relies on init scripts to start them. > > > -- > Neil Bothwick > > Facts are stubborn, but statistics are more pliable Hi Neil, thanks a lot! That clearifies much! :) Have a nice 2010! mcc -- Please don't send me any Word- or Powerpoint-Attachments unless it's absolutely neccessary. - Send simply Text. See http://www.gnu.org/philosophy/no-word-attachments.html In a world without fences and walls nobody needs gates and windows.
Re: [gentoo-user] Externel drive should be /dev/sda1, but /dev/sda1 does not exist
On Friday 01 January 2010 15:48:52 Michael Sullivan wrote: > Hello > > My wife's computer is pretty slow, so I've attached and old hard drive > into a hard drive enclosure and hooked it into her USB port for > additional swap space. It used to work. The swap space is supposed to > be /dev/sda1. The problem is that for some reason when I rebooted this > morning with a new kernel, /dev/sda does not exist anymore. I'm at a > lost as to what to do now. Here's dmesg, or at least the parts > portaining to usb devices: does it make a difference if you disable CONFIG_USB_SUSPEND, which can be done by reloading the module "usbcore" with the option "autosuspend=-1" ? > > catherine dev # dmesg | grep usb > usbcore: registered new interface driver usbfs > usbcore: registered new interface driver hub > usbcore: registered new device driver usb > usb usb1: configuration #1 chosen from 1 choice > usbcore: registered new interface driver usb-storage > usb usb2: configuration #1 chosen from 1 choice > usb usb3: configuration #1 chosen from 1 choice > usb usb4: configuration #1 chosen from 1 choice > usbcore: registered new interface driver hiddev > usbcore: registered new interface driver usbhid > usbhid: v2.6:USB HID core driver > usb 3-2: new full speed USB device using ohci_hcd and address 2 > usb 3-2: device descriptor read/64, error -62 > usb 3-2: device descriptor read/64, error -62 > usb 3-2: new full speed USB device using ohci_hcd and address 3 > usb 3-2: device descriptor read/64, error -62 > usb 3-2: device descriptor read/64, error -62 > usb 3-2: new full speed USB device using ohci_hcd and address 4 > usb 3-2: device not accepting address 4, error -62 > usb 3-2: new full speed USB device using ohci_hcd and address 5 > usb 3-2: device not accepting address 5, error -62 > > and here is lsmod: > > catherine dev # lsmod > Module Size Used by > nfsd 212004 9 > xt_DSCP 2676 17 > xt_multiport2512 4 > xt_tcpudp 2528 55 > iptable_nat 4308 1 > nf_nat 16104 1 iptable_nat > xt_limit2036 27 > nf_conntrack_ipv4 11692 18 iptable_nat,nf_nat > nf_defrag_ipv4 1668 1 nf_conntrack_ipv4 > xt_state1780 15 > nf_conntrack 60044 4 > iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state > ipt_LOG 4896 27 > iptable_mangle 2268 1 > xt_string 1764 0 > ipt_ULOG5784 0 > iptable_filter 2260 1 > ip_tables 10264 3 > iptable_nat,iptable_mangle,iptable_filter > x_tables 14684 10 > xt_DSCP,xt_multiport,xt_tcpudp,iptable_nat,xt_limit,xt_state,ipt_LOG,xt_str > ing,ipt_ULOG,ip_tables ipv6 216088 20 > snd_pcm_oss30740 0 > snd_mixer_oss 13456 2 snd_pcm_oss > snd_seq_oss23496 0 > snd_seq_midi_event 6312 1 snd_seq_oss > snd_seq42988 4 snd_seq_oss,snd_seq_midi_event > snd_seq_device 6352 2 snd_seq_oss,snd_seq > lp 8184 0 > snd_intel8x0 26864 1 > snd_ac97_codec 93624 1 snd_intel8x0 > ac97_bus1456 1 snd_ac97_codec > snd_pcm60476 3 snd_pcm_oss,snd_intel8x0,snd_ac97_codec > sis900 17960 0 > ppdev 5752 0 > mii 4736 1 sis900 > shpchp 27540 0 > pcspkr 2204 0 > processor 35088 0 > pci_hotplug24584 1 shpchp > snd_timer 18172 2 snd_seq,snd_pcm > sis_agp 6640 1 > agpgart31260 1 sis_agp > snd51020 9 > snd_pcm_oss,snd_mixer_oss,snd_seq_oss,snd_seq,snd_seq_device,snd_intel8x0,s > nd_ac97_codec,snd_pcm,snd_timer snd_page_alloc 8168 2 > snd_intel8x0,snd_pcm > button 5192 0 > rtc_cmos9432 0 > floppy 47372 0 > fan 4084 0 > rtc_core 15912 1 rtc_cmos > rtc_lib 2620 1 rtc_core > thermal12828 0 > parport_pc 32580 1 > thermal_sys12432 3 processor,fan,thermal > tg395332 0 > libphy 21256 1 tg3 > e1000 103876 0 > fuse 52728 0 > xfs 428276 0 > exportfs3764 2 nfsd,xfs > nfs 228192 1 > auth_rpcgss33564 2 nfsd,nfs > nfs_acl 2612 2 nfsd,nfs > lockd 59124 2 nfsd,nfs > sunrpc169108 15 nfsd,nfs,auth_rpcgss,nfs_acl,lockd > jfs 151124 0 > raid10 19696 0 > dm_bbr 9656 0 > dm_snapshot22180 0 > dm_crypt 11148 0 > dm_mirror 13076 0 > dm_region_hash 10704 1 dm_mirror > dm_log 8680 2 dm_mirror,dm_region_hash > dm_m
[gentoo-user] Externel drive should be /dev/sda1, but /dev/sda1 does not exist
Hello My wife's computer is pretty slow, so I've attached and old hard drive into a hard drive enclosure and hooked it into her USB port for additional swap space. It used to work. The swap space is supposed to be /dev/sda1. The problem is that for some reason when I rebooted this morning with a new kernel, /dev/sda does not exist anymore. I'm at a lost as to what to do now. Here's dmesg, or at least the parts portaining to usb devices: catherine dev # dmesg | grep usb usbcore: registered new interface driver usbfs usbcore: registered new interface driver hub usbcore: registered new device driver usb usb usb1: configuration #1 chosen from 1 choice usbcore: registered new interface driver usb-storage usb usb2: configuration #1 chosen from 1 choice usb usb3: configuration #1 chosen from 1 choice usb usb4: configuration #1 chosen from 1 choice usbcore: registered new interface driver hiddev usbcore: registered new interface driver usbhid usbhid: v2.6:USB HID core driver usb 3-2: new full speed USB device using ohci_hcd and address 2 usb 3-2: device descriptor read/64, error -62 usb 3-2: device descriptor read/64, error -62 usb 3-2: new full speed USB device using ohci_hcd and address 3 usb 3-2: device descriptor read/64, error -62 usb 3-2: device descriptor read/64, error -62 usb 3-2: new full speed USB device using ohci_hcd and address 4 usb 3-2: device not accepting address 4, error -62 usb 3-2: new full speed USB device using ohci_hcd and address 5 usb 3-2: device not accepting address 5, error -62 and here is lsmod: catherine dev # lsmod Module Size Used by nfsd 212004 9 xt_DSCP 2676 17 xt_multiport2512 4 xt_tcpudp 2528 55 iptable_nat 4308 1 nf_nat 16104 1 iptable_nat xt_limit2036 27 nf_conntrack_ipv4 11692 18 iptable_nat,nf_nat nf_defrag_ipv4 1668 1 nf_conntrack_ipv4 xt_state1780 15 nf_conntrack 60044 4 iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state ipt_LOG 4896 27 iptable_mangle 2268 1 xt_string 1764 0 ipt_ULOG5784 0 iptable_filter 2260 1 ip_tables 10264 3 iptable_nat,iptable_mangle,iptable_filter x_tables 14684 10 xt_DSCP,xt_multiport,xt_tcpudp,iptable_nat,xt_limit,xt_state,ipt_LOG,xt_string,ipt_ULOG,ip_tables ipv6 216088 20 snd_pcm_oss30740 0 snd_mixer_oss 13456 2 snd_pcm_oss snd_seq_oss23496 0 snd_seq_midi_event 6312 1 snd_seq_oss snd_seq42988 4 snd_seq_oss,snd_seq_midi_event snd_seq_device 6352 2 snd_seq_oss,snd_seq lp 8184 0 snd_intel8x0 26864 1 snd_ac97_codec 93624 1 snd_intel8x0 ac97_bus1456 1 snd_ac97_codec snd_pcm60476 3 snd_pcm_oss,snd_intel8x0,snd_ac97_codec sis900 17960 0 ppdev 5752 0 mii 4736 1 sis900 shpchp 27540 0 pcspkr 2204 0 processor 35088 0 pci_hotplug24584 1 shpchp snd_timer 18172 2 snd_seq,snd_pcm sis_agp 6640 1 agpgart31260 1 sis_agp snd51020 9 snd_pcm_oss,snd_mixer_oss,snd_seq_oss,snd_seq,snd_seq_device,snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer snd_page_alloc 8168 2 snd_intel8x0,snd_pcm button 5192 0 rtc_cmos9432 0 floppy 47372 0 fan 4084 0 rtc_core 15912 1 rtc_cmos rtc_lib 2620 1 rtc_core thermal12828 0 parport_pc 32580 1 thermal_sys12432 3 processor,fan,thermal tg395332 0 libphy 21256 1 tg3 e1000 103876 0 fuse 52728 0 xfs 428276 0 exportfs3764 2 nfsd,xfs nfs 228192 1 auth_rpcgss33564 2 nfsd,nfs nfs_acl 2612 2 nfsd,nfs lockd 59124 2 nfsd,nfs sunrpc169108 15 nfsd,nfs,auth_rpcgss,nfs_acl,lockd jfs 151124 0 raid10 19696 0 dm_bbr 9656 0 dm_snapshot22180 0 dm_crypt 11148 0 dm_mirror 13076 0 dm_region_hash 10704 1 dm_mirror dm_log 8680 2 dm_mirror,dm_region_hash dm_mod 57896 5 dm_bbr,dm_snapshot,dm_crypt,dm_mirror,dm_log scsi_wait_scan 1056 0 sbp2 19648 0 ohci1394 26352 0 ieee1394 75548 2 sbp2,ohci1394 sl811_hcd 9408 0 usbhid 31684 0 ohci_hcd 21528 0 ssb38308 1 ohci_hcd uhci_hcd 19248 0 usb_stora
Re: [gentoo-user] udev & baselayout
On Fri, 1 Jan 2010 11:52:51 +0100, meino.cra...@gmx.de wrote: > the udev-scripts reports while booting that it is made for > baselayout 2 and not for baselayout 1, which I am using. > I tried to figure out, what version of udev I have to > use for baselayout 1 with no success. The same version, but you don't need the init script with BL1. Remove it from all runlevels with rc-update. Baselayout-1 starts a number of services automatically, including udev, while BL2 relies on init scripts to start them. -- Neil Bothwick Facts are stubborn, but statistics are more pliable signature.asc Description: PGP signature
Re: [gentoo-user] udev & baselayout
Am Freitag 01 Januar 2010 11:52:51 schrieb meino.cramer: > (or what should I do to circumvent the problem?) You could migrate to BL2. Bye... Dirk
Re: [gentoo-user] redirect connections to localhost
On Friday 01 January 2010, Alexander wrote: > On Friday 01 January 2010 03:07:42 Etaoin Shrdlu wrote: > > On Thursday 31 December 2009, Alexander wrote: > > > Is there a way to redirect TCP connections from external network > > > interfaces to the local/loopback in network 127.0.0.0/8? I need > > > functionality like DNAT target in iptables. > > > > Uh...why don't you use DNAT then? > > This doesn't work, because kernel drops any packets that come from external > network to 127.0.0.0/8. Of course it does. But in these cases, the workaround is assigning a non-127 address to the lo interface, like 192.168.0.1/32 for example, and DNAT to that address (and have whatever program should receive the data listen on 192.168.0.1, of course).
[gentoo-user] udev & baselayout
HAPPY NEW YEAR! HI, the udev-scripts reports while booting that it is made for baselayout 2 and not for baselayout 1, which I am using. I tried to figure out, what version of udev I have to use for baselayout 1 with no success. Where can I find the appropiate version information (or what should I do to circumvent the problem?) Best regards, mcc -- Please don't send me any Word- or Powerpoint-Attachments unless it's absolutely neccessary. - Send simply Text. See http://www.gnu.org/philosophy/no-word-attachments.html In a world without fences and walls nobody needs gates and windows.
Re: [gentoo-user] udev problem during boot
What version of udev? Recent versions are not compatible with older kernels, they need a *very* recent kernel "Francisco Ares" wrote: >Hi > >After a lot of updates without rebooting (I`ve been keeping my computer on >during several weeks), now it can`t boot anymore. Thanks to the LiveDVD I`m >able to try somethings, including a "emerge --sync" and a "emerge -vuDN >world", followed up by a "etc-update" and a "revdep-rebuild" - nothing >strange and no results. > >The error message is like this (I had to copy it by hand, sorry for any >typo): > >*Press I to enter interactive mod > * Mounting proc at /proc ... [ok] > *** Skipping mount of /sys as /sys/kernel exists >** *** Mounting /dev ... [ok] >** * Starting udevd ... [ok] >** >** * Populating /dev with existing devices through uevents ... [ok] >** >** * Assuming udev failed somewhere, as /dev/zero does not exist ** >** * Mounting devpts at /dev/pts ...[ok] >** >** * Caching service dependencies ... ** >[ok]** >Can't open /dev/fb0 or /dev/fb/0 >failed to configure resolution and icon positioning >Failed to load theme 'livecd-2007.0' >** * Checking root filesystem ... >Failed to open the device '/dev/sda9': No such file or directory > > >** * Filesystem couldn't be fixed :( >Give root password for maintenance >(or type Control-D to continue): >** ** ** >*Giving root password and listing the contents of the '/dev' directory, >there are very few entries, none for my disk partitions, for example. > >I`ve already re-emerged udev, baselayout, and even built a new kernel - >currently using 2.6.27-r7 and tried 2.6.30-r8 (I guess there`s nothing to do >with the kernel, but I've built it just in case) > >Most probably I missed some messages during the ebuilds of the updates I've >been applying. > >Any ideas on where to look for? > >Thanks a lot! >Francisco >-- >"If you have an apple and I have an apple and we exchange apples then you >and I will still each have one apple. But if you have an idea and I have one >idea and we exchange these ideas, then each of us will have two ideas." - >George Bernard Shaw -- Sent from my Android phone with K-9. Please excuse my brevity.
Re: [gentoo-user] redirect connections to localhost
On Fri, 1 Jan 2010 02:04:56 +0300 Alexander wrote: > Hi. > > Is there a way to redirect TCP connections from external network interfaces > to > the local/loopback in network 127.0.0.0/8? I need functionality like DNAT > target > in iptables. > You can use ip-proxy daemon like net-misc/stone or net-proxy/haproxy. -- Mike Kazantsev // fraggod.net signature.asc Description: PGP signature
