hello auditorium, (this email was lost and is send again, so wrong sort order) > may not work as expected / at all. You did see the big warning > screen, right? ;-) If you meen that one which opens after reaching (if reaching ! ) the crypto-menu, Yes.- But I allready know about the state of testing/unstable, linux, anyway..... > filesystem, mountpoint, etc.) as two separate steps. You need to > first setup the encrypted block device, then select "Configure > encrypted partitions". > > This is explained in the Installation Guide[1], btw. > Is it ? I read it again, O.K. I had it overlooked only, instead of really read it, but I did it now, in "6.3.2.4. Configuring Encrypted Volumes" I could really read something that I eventually can understand if someone told me what is meant. My netinst.iso is non-english which lets something lost in translation related to the englich guide. Under all circumstances is must be shure that the part of partioning is completely done with or without encryption so that the user gets a chance of choosing encryption or not when it is time to do so. Than and only than when that is completed should the questions about ext2, ext3 and so on, come.- When I read your answer to my email, 10 hrs ago, I spontanious tryed again to netinst.iso, this time with the build from 01.Aug.2006 and the knowledge of now. I managed to set up dm-crypted partions for swap and "/" and than let it go. I finally reached the point of rebooting and had to give the PW 3 (tree)-times on the level below X and than X and gnome came. Despite the fact that I hate gnome, I should give again 2 times the PW, but the testsystem hangs itself. I rebootet again to make shure that this was not an exception and than I typed this reply. > Overall the events in the installer leading up to key generation > do not provide enough input to the kernel entropy pool to allow > extraction of the 2925 bytes we need foreach loop-AES key, and so > you are asked to "please bang on the keyboard like a monkey" ;-) > until the pool gets enough input. What does Jari Ruusu use when he suggests head -c 2925 /dev/random | uuencode -m - | head -n 66 | tail -n 65 | gpg --symmetric -a >/boot/rootkey.gpg Is he using /dev/urandom ? - If your are a crypto-developer yourself have a look at the ERPOSS3 and 4 distros. Maybe it's interesting how they do it or how it is not to do. "3" is using crypto-api (if I remember well) and "4" is using dm-crypt with luks. "4" has the unpractical problem of asking 4-times for the PW if swap and "/" is crypted, which may bring users to trivial or short PWs, anyway, it's working but I don't trust anything related to the german government. (http://source.rfc822.org/pub/local/erposs/). I will later grab these both crypto-distros to check them again because they could be good for people outside the direct influence of german government and than a report should be placed here. > About the crash in this menupoint, can you describe in more > detail exactly when/how it crashes. What happens after it has > crashed ? Does the installer "hang", or does it continue? The Testsystem is usually standing left of me and I hacked with the left hand while working on the normal-PC in front of me, who's having the main- attention. After minutes I realised a quick red message left of me, when, maybe half the work had been done and I was one menu-stage deeper. The testsystem did not hang nor did the debian-menu hang, I mean I just was on the level where partitioning, clock-setting and so on is to choose. I did that several times in case of exceptions.- > How much memory does this system have? It has 512 MB which are nearly never used and never surprised me in the last 3,5 years, a poor-mans-Laptop btw.., new 60-GB-hd. When I have been recovered, I try again, this time choosing loop-AES, if that is possible, I than will give feedback immediatly. Before that, I will check for a new daily-build, which, in case, is used than. The enemy knows a lot about you, ........know the enemy, Reverend - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
