I'm guessing that you are bypassing your crypt device. Depends on
what your arguments are to the LVM commands.
cryptsetup will create a new device that sits on top of sda3 - you
should use that one. Do not use sda3 directly.
brassow
On Jul 31, 2007, at 8:08 PM, chris wrote:
Hi all,
I was not sure which list to send this to, so I choose a couple
that looked like decent fits, please advise if there is one more
specific to the encryption.
I am currently working on a project where we are converting some of
our filesystems to an encrypted fs using LVM2. We are running
RHEL: "2.6.9-55.0.2.ELsmp #1 SMP Tue Jun 12 17:59:08 EDT 2007 i686
i686 i386 GNU/Linux"
We setup an encrypted filesystem using one of the open partitions
on the physical hard drive using "cryptsetup create /dev/sda3" We
have verified this using the cryptsetup status, This shows the
filesystem as being encrypted as aes_plain 256 bit key. We then
created an LVM and mounted the filesystem using the LVM.
All seems to be well, except when our testers ran the following
command:
head -c 5000 /dev/sda3
They got some output that includes clear text and obviously not
encrypted data (along with encrypted data). Some things are date
formatted strings like 20050912 which appears quite a few times in
the mounted filesystem, and in the raw device (/dev/sda3).
I can post the exact commands that were used to create the
filesystem, but they are basically
create partition ...sda3
cryptsetup create /dev/sda3 (prompts for passphrase)
pvcreate
vgcreate
lvcreate
mount
(TIA) any help (or light shed on this) is greatly appreciated!
-chris
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel
