Bates, Bob wrote:
> I have just started playing with dm-crypt and the last thing
> I did was to try a shutdown -r now. The system would not come
> up because of a bad filesystem on the encrypted disk. OK, makes
> sense, figure I need to tell fstab not to check it at boot time.
> For now I removed the line from fstab so I could get the system
> to come up.
Your shutdown scripts should do something like
umount /dev/mapper/<mapper_name>
cryptsetup remove <mapper_name>
at the right time, i.e. when everything that could be accessing the
device has already been killed but while cryptsetup is still available.
> But, once the system does come up I can't get it to mount. It tells
> me it is not a valid block device. If I try cryptsetup create again,
> it already exists. If I try and remove it I get still in use?
Try
cryptsetup remove <mapper_name>
cryptsetup -v -c <cipher> -b <device_size> create <mapper_name> <device>
(e.g. cryptsetup -v -c twofish -b 12345678 create hda3 /dev/hda3) and then
mount /dev/mapper/<mapper_name> /mountpoint
If you typo the passphrase, the mapper device will be created but it will
be unmountable. Once it's there you can't create it again without removing
it first. It is therefore a good idea to use remove before create in your
start-up scripts, so if you typo the passphrase you can just run the script
again. I use something like
if [ $ok != 1 ]
then
if [ -e /dev/mapper/name ]
then cryptsetup remove name
fi
cryptsetup -v -c cipher -b size create name /dev/device
mount /dev/mapper/name /mountpoint
if [ $? = 0 ]
then ok=1
fi
fi
Z
---------------------------------------------------------------------
dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/
To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx
For additional commands, e-mail: dm-crypt-help@xxxxxxxx
