Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-06 Thread Roland Häder
> That is already solved (I had selected it somehow) by simply deselecting it. > > But is now a little OT. I now try to compile x11-libs/libxcb, and > dev-python/elementtree is not installed on my system. There is hope for this matter, see my forum posting: http://forums.gentoo.org/viewtopic-p-7

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-06 Thread Roland Häder
> Try `emerge -pvT $foo`. With whatever package $foo you are trying to > install. That is already solved (I had selected it somehow) by simply deselecting it. But is now a little OT. I now try to compile x11-libs/libxcb, and dev-python/elementtree is not installed on my system. > Regards, > Fl

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-05 Thread Roland Häder
To add my 2¢: All you need is build initram and pass it as an argument to pre configured kernel (with needed encryption and hash algorithms built in) Initram scripts are on github here https://github.com/tokiclover/mkinitramfs-ll Can I also use dracut? Or won't it setup initrd? I didn't setup LVM

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 22:05, "Roland Häder" wrote: > Okay, I have setup so far this: > > /dev/sda1 - /boot (unencrypted) /dev/sda2 - swap (not yet setup, > will be encrypted) /dev/sda3 - / (encrypted) > > /dev/sda3 is the underlying drive, where I used gpg:

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 20:48, Michael Hampicke wrote: >> In theory grub2 is able to open a luks-encrypted volume though >> it seems to have some disadvantages: you'll need to enter the >> passphrase (or pass the keyfile) two times, because grub itself >> needs

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
Okay, I have setup so far this: /dev/sda1 - /boot (unencrypted) /dev/sda2 - swap (not yet setup, will be encrypted) /dev/sda3 - / (encrypted) /dev/sda3 is the underlying drive, where I used gpg: # gpg --decrypt key.gpg | cryptsetup --verbose luksFormat /dev/sda3 # gpg --decrypt key.gpg | crypts

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
> 1. Maybe it would be a good idea to use an ASCII-only random string, for > example by piping it through `base64 -w 0`. That way you don't lose any > entropy (the key just gets longer) but it is easier to type the keyfile > manually, in case you ever need to. You also don't have to worry about >

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Michael Hampicke
> In theory grub2 is able to open a luks-encrypted volume though it > seems to have some disadvantages: you'll need to enter the passphrase > (or pass the keyfile) two times, because grub itself needs to decrypt > the volume to get the later stages from the encrypted volume and > afterwards the dec

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 15:48, "Roland Häder" wrote: > I think I made a (tolerable) mistake: > > My hard drive has two partitions: - sda1 - encrypted swap - sda2 - > encrypted root > > How should it boot? One way could be by external media (e.g. > stick),

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Dale
"Roland Häder" wrote: > - sda2 - encrypted swap (at least as double as your RAM) (crypt-swap) > > Regards, > Roland > > [1]: http://wiki.gentoo.org/wiki/DM-Crypt > > I don't think this is true anymore. It was back when machines had small amounts of ram. Case in point, I have 16Gbs of ram. If I

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
I think I made a (tolerable) mistake: My hard drive has two partitions: - sda1 - encrypted swap - sda2 - encrypted root How should it boot? One way could be by external media (e.g. stick), other is from hard drive. But that is encrypted. So I must leave a small area left for kernel, initrd,

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
Okay, I have made a little progress. I have generated my private key using some random data + gpg: # head -c 3705 /dev/urandom | head -n 66 | tail -n 65 > key.out # gpg --symmetric -a --s2k-count 8388608 key.out # mv key.out.asc key.gpg # rm -f key.out Now I have to copy that file on my stick a

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
> No comment on dracut as I have no experience with it. Okay, so I have to try it out myself. When I found something out, I expand the wiki with it. > > However, as I see it, you need no key file if you just use a pass > phrase. In my opinion, a key file is only necessary for two improvements:

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
> You forgot the link to [1]. Already mailed but here again: http://wiki.gentoo.org/wiki/DM-Crypt > Never used loop-aes myself. Sorry if I miss the reason for your > confusion because of it. http://loop-aes.sourceforge.net There is the source code. It needs patched util-linux(-ng) package to get