Gabor Walter wrote: > Hi, > > I would like to encrypt my entire root fs using cryptsetup-luks under FC4. > I didn't find any fedora specific howtos, but what I tried doing is > supposed to work under other distributions. > I have three partitions, (no lvm) > /dev/hda1 /boot > /dev/hda2 swap > /dev/hda3 / > > What I wanted to achieve was an ecrypted / and a modified initrd image to > ask for the passphrase at boot. > Here is what I did: > 1. installed FC4 > 2. installed cryptsetup > 3. booted into a live cd > 4. tar-red the entire / and ftp-d it to another computer > 5. using cryptsetup on the live cd I created the encrypted /dev/hda3 > 6. ftp-d the tar file back and extracted it > 7. chroot-ed to the hdd > 8. mkinitd kernel.img kernel I'm wondering about using dm-crypt and deriving the key from the motherboard. I was wondering about building into the kernel the structures initiated with cryptsetup. Messing with Yaird, problems from udev, and possibly increased complexity of using kgdb on the kernel leads me to suspect that this is a easier path. Since protecting the contents of an embedded device is likely a common problem, I wonder why I this isn't already part of dm-crypt. -piet > > After reboot, however, system is not booting, not even asking for the > passphrase. > What did I do wrong? > Your help is really appreciated. > > Gabor Walter > Hungary --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
