[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: system startup + cryptsetup

Am Montag, den 27.03.2006, 08:49 +0100 schrieb Gabor Walter:
> Hi,
> I want to encrypt my entire /home directory which is on a separate
> partition. I used cryptsetup which is available in FC5. I successfully
> created the encrypted partition and I also found a script at 
> http://www.saout.de/tikiwiki/tiki-index.php?page=luksopen which I
> would like to incorporate into my startup. The question is, where
> exactly?
> Should I (can I) modify rc.sysinit?
> Or should I just put it into rc.local?
If have put it in rc.local like:
sh /root/mount.encrypt.sh

and the Script to mount my USB-Stick with the key look like:
~ $ cat mount.encrypt.sh
#! /bin/sh
# simple script
# to mount the usb-stick with the encryption key
# put this into you rc.local wherever it sits on you machine
# sd card in the pmcia-slot
## my usb stick
if [ -e $DEVICE ]; then
     echo -n "mounting /home [$DEVICE as $MOUNTPOINT]"
     while (mount $DEVICE $MOUNTPOINT 2> /dev/null; [ $? -ne 0 ]); do
       echo -n "."
       sleep 1
     if [ -e $MOUNTPOINT/m70Key.gpg ]; then
        modprobe aes
        modprobe cryptoloop
        while (cat $MOUNTPOINT/m70Key.gpg |mount -p0 /home 2> /dev/null;
[ $? -n e 0 ]); do
            echo -n "+"
            sleep 1
        umount $MOUNTPOINT
        echo " done."
        echo " failed."

Hope this helps


> This is what I tried, but then I keep getting a message that /home
> needs a file system check and is corrupt (this sounds logical, because
> at this point the partition is neither opened nor mounted). 
> So it looks to me like a real catch-22.
> TIA for any suggestions.
> Gabor Walter
> Hungary
> -- 
> fedora-list mailing list
> fedora-list redhat com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]