Peter_22@xxxxxx wrote: > > One of the requirements of encrypting root partition using build-initrd.sh > > script from loop-AES package is that kernel must include built-in support > > for all devices and file systems required by /boot and root file systems. > > I know that because this issue was mentioned in the AES Readme. But, on > installing Linux SuSE 9.0 the Setup detects my Serial ATA drive as SCSI > device and builds an initrd of about 300kb in size. > These files are in that initrd: > For SCSI: > - ata_via.o (the chipset is VT 8237 from Via KT800) > - libata.o > - scsi_mod.o > - sd_mod.o > Further, in case I choose the root fs to be ext3: > - ext3.o > - jbd.o Before build-initrd.sh script can be used, you need to convert your linux kernel boot to use normal no initrd boot. build-initrd.sh script creates new initrd that cannot co-exist with any other initrd. > build-initrd.sh has the option to load modules (up to 5, right?) and the > option to load a "tools-disk". Maybe that could help? Nope. Initrd created by build-initrd.sh can load additional modules from unencrypted /boot, which in your case is /dev/sda1 and won't work unless support for that device and file system is compiled built-in to kernel. "tools-disk" prompt is usefull when booting from floppy, where kernel and tiny initrd fit on first floppy, and second floppy includes gpg + losetup and other tools because first floppy does not have enough space. > In any case, > loop-aes warns me that loop.o will not work with the current kernel, even if > I compiled it according to the readme.txt (apart from the SCSI Subsys!). Correct compiling of kernel modules REQUIRES that you recompile your kernel first and leave untampered kernel sources and compile time generated files at same place where kernel compilation was done. If you don't do that, resulting module will most likely be incorrectly compiled and cause severe system instability and data loss. If you are unwilling to recompile your kernel, please refrain from using loop-AES and build-initrd.sh script. > So, do I really need to figure out the correct kernel submenues myself? Yes. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/