-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marc Schwartz wrote: Marc, thanks for your help. > I have not used the boot.cryptmap script on FC4. I have used the wiki > instructions here: > > http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedDeviceUsingLUKS > > for setting up my encrypted partitions. Yes, these instructions worked well for me too. > The information here: > > http://www.saout.de/tikiwiki/tiki-index.php?page=EncryptedSwap > > for setting up encrypted swap with a random boot key I had not tried to encrypt swap. Except for highly secure systems, it did not seem important to me. I, of course, could be wrong. >and the script here: > > http://www.saout.de/tikiwiki/tiki-index.php?page=luksopen > > for boot time prompts for the passphrase to open the LUKS protected > partitions. Be sure to note my comment (#2) on the script relative to > the bash shell related issue. I put the script in /etc/rc.d/rc.local and > it works fine at boot. I didn't notice in the luksopen information anything written about boot time prompts for the passphrase. If you place /sbin/luksopen in /etc/rc.d/rc.local (after ensuring luksopen is in /sbin), does the boot process pause and prompt for a passphrase automatically? I saw the luksopen script, but I was hesitant to place it in rc.local because I thought that 'cryptsetup luksClose' needed to be executed before shutting down, and I didn't see how that would happen. Any thoughts on that? John -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFEcSCUuY7WcSII22oRAj3vAJ9Oisx8q91CsJDboTdTpwaqApZeywCdH3ER GGFViEBJ9R7k1Rd5BTN3ks8= =PD5c -----END PGP SIGNATURE----- --------------------------------------------------------------------- - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
