Jonas Meurer wrote:
> update the keyfiles to point their real location (in your example above
> this seems to be /media/hdd1, not /media/STICK.
> apart from that, it looks good.
>
/media/STICK might be the perfect position to mount. We cannot reference
files inside block devices that are not logically mounted somwhere, can
we? :-) Especially in UDEV context /media/STICK can be a very good mount
point combined with something in the lines i describe below.
I use this in my UDEV rules to make sure one of my USB sticks is always
mounted in a proper way:
# /etc/udev/usbsticks.rules
# also make: ln -s /dev/udev/usbsticks.rules /dev/udev/099_usbsticks.rules
BUS=="scsi", SYSFS{vendor}=="Kingston", SYSFS{model}=="DataTraveler II+", \
KERNEL=="sd[a-z]", \
NAME="usb/workstick", SYMLINK="%k", \
OWNER="holst", GROUP="holst", MODE="660"
Then mount /dev/usb/workstick to /media/STICK.
It's also perfectly legal to change the permissions to NOT be readable
by everyone even if the filesystem is FAT32. Check out the man page for
"mount" and search for the vfat options (fmask, dmask, ...). FAT32 is
not a reason for poor OS security.
Regards,
Henrik Holst
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
