John Maher wrote:
Hello,
I would like to use cryptsetup-luks to have an encrypted /home partition
on my laptop that uses Fedora Core 4. There is much I still need to
figure out to make this happen (my Linux skills are far from advanced),
but it makes sense to me that I should use the boot.cryptmap init
script. However, I'm not sure how to utilize that script on Fedora.
Here are the things I would greatly appreciate help with:
1. How do I make the script interactive in Fedora so that on boot the
system prompts for my cryptsetup password and waits until the password
is entered. I assume this is necessary, and the README that comes with
boot.cryptmap is clear as to how to do this with Suse, but Fedora
appears to be quite different.
2. Where would I place the script in the boot order? Before the autofs
init script begins?
3. How do I configure my system to call "boot.cryptmap pre_stop". My
understanding of the action taken with init scripts during shutdown is
that init calls each of the scripts (e.g., K87named) with a "stop"
argument. So, how would pre_stop be used?
If this information is wildly too general, I apologize. I would be
happy to provide my details.
Thank you.
John
I have not used the boot.cryptmap script on FC4. I have used the wiki
instructions here:
http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDeviceUsingLUKS
for setting up my encrypted partitions.
The information here:
http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedSwap
for setting up encrypted swap with a random boot key and the script here:
http://www.saout.de/tikiwiki/tiki-index.php?page=luksopen
for boot time prompts for the passphrase to open the LUKS protected
partitions. Be sure to note my comment (#2) on the script relative to
the bash shell related issue. I put the script in /etc/rc.d/rc.local and
it works fine at boot.
HTH,
Marc Schwartz
---------------------------------------------------------------------
- http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx