[gentoo-user] Bittorrent tracker available with gentoo miniinstall ISOs
Hello, I have added (more may follow) both ISOs of the AMD64 and I386 mini-installer as torrents to my tracker: http://mxchange.org:23456/ AMD64: http://mxchange.org:23456/file?info_hash=%C5%C4%B2%88%92%F5%A9O%01udg%92%17gy%22%9A%ED%B7 I386: http://mxchange.org:23456/file?info_hash=i8%C1%5D%0D%FE%A8M%8E%C5k%FE%B9%8A%1E%A2%9A9%DB%7B I thought you might be interested in. :) I can track more if you like (of course no illegal things). Regards, Roland
[gentoo-user] Re: errors with mplayer and mp3 files
On 02/09/12 18:39, cov...@ccs.covici.com wrote: Nikos Chantziaras rea...@gmail.com wrote: The solution is simple. Use mad -mp3 as USE flags for mplayer. I just did the same and mplayer now only uses libmad to play MP3s. [...] Thanks much -- it seems to be working now. I had never heard of the mad before -- learn something new every day. This list is very nice and helpful. The MAD decoder was actually always well known for its very high accuracy in decoding. But I suppose other decoders finally catched up to it, so these days I suppose mpg123 might offer the same quality as MAD. Not that anyone tested though (as far as I'm aware.)
Re: [gentoo-user] Bittorrent tracker available with gentoo miniinstall ISOs
Good idea - remind me on getting the latest iso's. Thanks a lot Oli On 2012-09-03 17:53, Roland Häder wrote: Hello, I have added (more may follow) both ISOs of the AMD64 and I386 mini-installer as torrents to my tracker: http://mxchange.org:23456/ AMD64: http://mxchange.org:23456/file?info_hash=%C5%C4%B2%88%92%F5%A9O%01udg%92%17gy%22%9A%ED%B7 I386: http://mxchange.org:23456/file?info_hash=i8%C1%5D%0D%FE%A8M%8E%C5k%FE%B9%8A%1E%A2%9A9%DB%7B I thought you might be interested in. :) I can track more if you like (of course no illegal things). Regards, Roland
[gentoo-user] dm-crypt + ext4 = where will the journal go?
Hi all, I'm currently testing dm-crypt to encrypt my whole hard drive. So far I followed this [1] guide and have to wait for the randomization part of the hard drive. In the wiki, ext4 is being used. Since ext3 a journal has been added. From my times with loop-aes I know that I have to store the journal through an encrypted loop device else it might be written on the hard drive. As of I'm new to dm-crypt and Gentoo, where will that journal now go? Any help is welcomed. :) Regards, Roland
Aw: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Opps, here is the missing link: http://wiki.gentoo.org/wiki/DM-Crypt (I don't think it is a good idea to store the keyFile somewhere plain, [2] tells that there is support for crypt-gnupg, but it doesn't show any help how to setup it. [2]: http://wiki.gentoo.org/wiki/Dracut
Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Am 03.09.2012 22:20, schrieb Roland Häder: Hi all, I'm currently testing dm-crypt to encrypt my whole hard drive. So far I followed this [1] guide and have to wait for the randomization part of the hard drive. You forgot the link to [1]. In the wiki, ext4 is being used. Since ext3 a journal has been added. From my times with loop-aes I know that I have to store the journal through an encrypted loop device else it might be written on the hard drive. Never used loop-aes myself. Sorry if I miss the reason for your confusion because of it. As of I'm new to dm-crypt and Gentoo, where will that journal now go? Opening a dmcrypt volume creates a mapped block device in /dev/mapper. You treat it like a partition and format it with ext4. Unless you use some exotic flags for mke2fs, the journal will be put on the same block device and is encrypted along with the rest of it. So: No need to worry about it. Hope this helps, Florian Philipp signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
The journal is generally located on the partition in question. If the partition is encrypted the journal should also be encrypted. You can use `tune2fs -l` to list the contents of the partition's superblock which will have details on the partition such as journal location, etc... On Mon, Sep 3, 2012 at 4:20 PM, Roland Häder r.hae...@web.de wrote: Hi all, I'm currently testing dm-crypt to encrypt my whole hard drive. So far I followed this [1] guide and have to wait for the randomization part of the hard drive. In the wiki, ext4 is being used. Since ext3 a journal has been added. From my times with loop-aes I know that I have to store the journal through an encrypted loop device else it might be written on the hard drive. As of I'm new to dm-crypt and Gentoo, where will that journal now go? Any help is welcomed. :) Regards, Roland -- Sincerely, Steve Buzonas Jr.
Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
You forgot the link to [1]. Already mailed but here again: http://wiki.gentoo.org/wiki/DM-Crypt Never used loop-aes myself. Sorry if I miss the reason for your confusion because of it. http://loop-aes.sourceforge.net There is the source code. It needs patched util-linux(-ng) package to get working. Also you should not use (crypt-)loop because it conflicts with it (see README inside tar ball). It also provides a really simple swap encryption: - /etc/fstab - /dev/blaX noneswap sw,loop=/dev/loop0,encryption=AES256,itercountk=100 0 0 This will make sure that everytime you bootup your system a new encryption is setup with an iteration of 100 (still performant enough for most things). Opening a dmcrypt volume creates a mapped block device in /dev/mapper. You treat it like a partition and format it with ext4. Unless you use some exotic flags for mke2fs, the journal will be put on the same block device and is encrypted along with the rest of it. So: No need to worry about it. Thank you for the explanation. Maybe it should be added to the wiki? Hope this helps, Florian Philipp Sure it does. :) Roland
Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Am 03.09.2012 22:36, schrieb Roland Häder: Opps, here is the missing link: http://wiki.gentoo.org/wiki/DM-Crypt (I don't think it is a good idea to store the keyFile somewhere plain, [2] tells that there is support for crypt-gnupg, but it doesn't show any help how to setup it. [2]: http://wiki.gentoo.org/wiki/Dracut No comment on dracut as I have no experience with it. However, as I see it, you need no key file if you just use a pass phrase. In my opinion, a key file is only necessary for two improvements: 1. Two-factor authentication (read: encrypted key file) 2. Avoiding re-typing the pass phrase for multiple dmcrypt partitions You can easily achieve the second point by putting an unencrypted key file on the first partition which you encrypt with a pass phrase. You don't even need dracut for this, /etc/conf.d/dmcrypt lets you configure it easily (as long as it doesn't affect /usr). However, I personally find it easier to put LVM on a single dmcrypt volume and be done this. All you need for this to work are two lines in /etc/rc.conf: rc_dmcrypt_before=lvm rc_dmcrypt_after=udev Regards, Florian Philipp signature.asc Description: OpenPGP digital signature
Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
No comment on dracut as I have no experience with it. Okay, so I have to try it out myself. When I found something out, I expand the wiki with it. However, as I see it, you need no key file if you just use a pass phrase. In my opinion, a key file is only necessary for two improvements: Entering just a pass phrase means that this pass phrase will be used to decrypt the device, if you decrypt a key before and then with that key decrypt all your volumes you have a much better security because that key will then be used as 'pass phrase' which is *way* much stronger (4096+ chars + ~10-20 chars you can remember). 1. Two-factor authentication (read: encrypted key file) 2. Avoiding re-typing the pass phrase for multiple dmcrypt partitions See above. :) You can easily achieve the second point by putting an unencrypted key file on the first partition which you encrypt with a pass phrase. You don't even need dracut for this, /etc/conf.d/dmcrypt lets you configure it easily (as long as it doesn't affect /usr). Okay, I look into this. However, I personally find it easier to put LVM on a single dmcrypt volume and be done this. All you need for this to work are two lines in /etc/rc.conf: rc_dmcrypt_before=lvm rc_dmcrypt_after=udev I'm new to LVM, does it setup key-based encryption (best is to put that key on an USB stick, so the attacker needs my stick). Regards, Roland
Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Okay, I have made a little progress. I have generated my private key using some random data + gpg: # head -c 3705 /dev/urandom | head -n 66 | tail -n 65 key.out # gpg --symmetric -a --s2k-count 8388608 key.out Enter your password twice # mv key.out.asc key.gpg # rm -f key.out Now I have to copy that file on my stick and setup /etc/conf.d/dmcrypt: # whole root system encrypted with gpg key from removeable media target=crypt-root source='/dev/hdaX' key='/key:gpg' # This is your stick remdev='/dev/sda1' But what next? The example at [1] is based on key-only file (no passphrase). I know, later on /etc/conf.d/dmcrypt must be placed on the new root-fs but what now? I still have to setup it. cryptsetup doesn't do anything with gpg. So I have setup a pipeline?
