Hi all,
I have been experimenting a little bit with loop-AES and a 200GB Maxtor
disk. I have made a partition (formatted with reiserfs 3.6) /dev/hda1
(200GB) and encrypted it with loop-AES 3.0b (AES256), multi-key. I have
Samba sharing it, so I can use it on my Windows machine over the
network. All this works just fine, but after some time I can get an
error message in Windows saying that there is an I/O error on the
device. I get this when I try to copy/use/move a file on the partition.
I have tried to access the file in Linux too, but then I just get
"permission denied" even if I'm root.
Running fsck on the loop-device finds corrupt files and tells me that
the only way to fix this is to run --rebuild-tree. I tried this once,
but that just didn't work resulting in a totally corrupt filesystem.
I read in the loop-AES README-file that write cache should be disabled.
I have hdparm -W 0 /dev/hda in rc.local (should it be here?), but I'm
not sure how to check if this is actually turned off after booting. Is
this the way to turn off write caching? Something else I should disable?
Anyway, I have tried a couple of times to re-format and setup the
encryption on the disk; always resulting in the same problem after some
time of usage. The last thing I tried was to partition the disk into two
partitions 100GB each. I copied files to the partitions. /dev/hda1 was
okey when I ran fsck on it. Then when I ran fsck on /dev/hda2 I
encountered some corruptions. I thought I could just copy over the files
from /dev/hda2 to /dev/hda1 and just leaving the corrupt ones. This
seemed to work, but after the copying, when I ran fsck on /dev/hda1 it
contained corrupt files as well. Even if there was only one files, which
was corrupt on /dev/hda2 (this was not copied to /dev/hda1).
Does anyone have any ideas what might be wrong in my setup? I can supply
you with additional information if you need, because I'm not sure what
might be useful to know.
Lastly, I mount the disks manually with:
losetup -e AES256 -K /path/to/enc.key /dev/loop6 /dev/hda1
mount /dev/looop6 /mnt/disk1
and unmount with:
umount /mnt/disk1
losetup -d /dev/loop6
Just recently I realized that it might be good to do the fsck too, but
I'm not sure at which point this should be done. As I have it now, I
have a script which automatically sets up the loop, fscks the partition
and mounts it. Is this a good approach or when should you fsck the
partition? What about unmounting the disks, should something special be
done or is umount /mnt/disk1 && losetup -d /dev/loop6 enough?
I would appreciate any kind of help in this matter, because it is really
bugging me to always get corrupt partitions after some time of usage.
Thanks for a great mailing list!
Best regards,
Tommy
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/