Hi,
Am 08.02.2017 um 13:33 schrieb Houtchen, Steven:
Hello,
I am trying to use “crypsetup” setup ant “parted” together.
I want to use “cryptsetup” to encrypt a whole solid state disk,
and then use “parted” to create partitions on it with a GPT partition
table. I have be able to do the first task, but not the second.
Usually partitions are handled directly in the kernel which creates the
inodes (well depending on the system there's udev in the equation
aswell). Anyhow the kernel only looks at physical devices for that (not
pseudoblockdevices like device-mapper targets etc.)
That being said:
This mode of operation is possible, but the kernel won't create
blockdevice inodes for the partitions after the dm-crypt blockdevice
comes up. It is possible to used specific tools like kpartx IIRC, to get
additional dm targets for each of the partitions. Be reminded however,
that gpt does have a secondary partition table in the end of the device,
which will give you extra fun, when you scale a container holding you
partitions.
If you want to save time and trouble you don't want to go this route.
Or vice versa. Create a few partitions, and then optionally
encrypt each one individually. I have be able to do the first
task, but not the second.
This is the typical mode of operation as this removes some critical
stuff from the equation. Usually you will create your GPT partitions and
then create the cryptomapping and then the filesystems. You are free
however to throw in any additional block layer as you wish.
So my question is, is “cryptsetup” compatible with parted and
GPT partition table? Or do need to use something like “lvm2”
to accomplish what I am trying to do?
Yes they are compatible, you can use lvm2 if you wish, but there's no
need if you don't use large scale storage with dynamic needs.
I am using CentOS7 with
[root@dts1 ~]# cryptsetup --version
cryptsetup 1.6.7
[root@dts1 ~]#
[root@dts1 ~]# parted --version
parted (GNU parted) 3.1
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Written by
<http://git.debian.org/?p=parted/parted.git;a=blob_plain;f=AUTHORS>.
[root@dts1 ~]#
Both versions are a little outdated but should work as expected.
Thanks for any help you can give me..
*Steve Houtchen
*Senior Software Engineer
*Curtiss-Wright
*2600 Paramount Place, Suite 200, Fairborn, OH 45324
T: 937.610.5420 | F: 937.252.1465
shoutchen@xxxxxxxxxxxxxxxxx <mailto:shoutchen@xxxxxxxxxxxxxxxxx> |
www.curtisswrightds.com <http://www.curtisswrightds.com/>
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
Regards
-Sven
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
