"Jan Klod" <janklodvan@xxxxxxxxx> wrote: > I have a question about loop-aes readme by Jari: is it assumed there that > no > initramfs is used when booting kernel (before loop-aes setup, that use > initrd.gz)? Root encryption requires a kernel which can boot the system *without* an initial ramdisk. This means you have to assure support for things like ext2/3, IDE or SATA and such is built into the kernel. Most linux distros ship with kernels failing to meet this requirement so you will therefore have to recompile them from source. To see if a kernel is suitable simply omit the initial ramdisk in your bootloader configuration. > If so, how to deal with those initramfs images necessary to boot? Common linux distros like SuSE, Ubuntu... create an initial ramdisk as part of their installation routine. This has to be done since the same kernel image is used for a wider variety of computers. For root encryption you have to assure that every single of theses drivers gets built into your kernel because this initial ramdisk will not be at hand any longer! > As I can't make it work, I am reading about how to create initramfs to > modprobe loop and losetup root file system... (How about losetup and mount > run time dependencies?) Loop-aes comes with a script called built-initrd.sh which takes care of everything concerning your new initial ramdisk. Configure the script in an editor properly, run it, an you will receive a working initial ramdisk just for your system. In case you change partitions or drives you will have to adapt & re-run this script. In case you have more questions just ask. You are free to provide configuration files giving others the opportunity to take a closer look at your discomforts. Kind regards, Peter -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/