Re: boot.cryptmap on Fedora?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

John Maher wrote:

Hello,

I would like to use cryptsetup-luks to have an encrypted /home partition
on my laptop that uses Fedora Core 4.  There is much I still need to
figure out to make this happen (my Linux skills are far from advanced),
but it makes sense to me that I should use the boot.cryptmap init
script.  However, I'm not sure how to utilize that script on Fedora.

Here are the things I would greatly appreciate help with:

1.	How do I make the script interactive in Fedora so that on boot the
system prompts for my cryptsetup password and waits until the password
is entered.  I assume this is necessary, and the README that comes with
boot.cryptmap is clear as to how to do this with Suse, but Fedora
appears to be quite different.

2.	Where would I place the script in the boot order?  Before the autofs
init script begins?

3.	How do I configure my system to call "boot.cryptmap pre_stop".  My
understanding of the action taken with init scripts during shutdown is
that init calls each of the scripts (e.g., K87named) with a "stop"
argument.  So, how would pre_stop be used?

If this information is wildly too general, I apologize.  I would be
happy to provide my details.

Thank you.

John
I have not used the boot.cryptmap script on FC4. I have used the wiki instructions here: 

http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDeviceUsingLUKS

for setting up my encrypted partitions.

The information here:

  http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedSwap

for setting up encrypted swap with a random boot key and the script here:

  http://www.saout.de/tikiwiki/tiki-index.php?page=luksopen
for boot time prompts for the passphrase to open the LUKS protected partitions. Be sure to note my comment (#2) on the script relative to the bash shell related issue. I put the script in /etc/rc.d/rc.local and it works fine at boot. 

HTH,

Marc Schwartz


---------------------------------------------------------------------
 - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
[Index of Archives]     [Device Mapper Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux