[gentoo-user] Encrypting removable media
I have a bit of chicken-and-egg problem trying to get encrypted removable devices to work as normal as possible. Using Loop-AES and a GPG-encrypted key I had no problems encrypting my external FW drive, but to pass all the options to losetup without entering them by hand every time, I need an fstab entry. The drive shows up as /dev/sda, but putting /dev/sda1 there is no good as it would try to use Loop-AES on *every* external drive. So far I could just use volume labels in my fstab to distinguish any number of drives---well, I used to until hald/dbus made that automatic. But now there are no labels any more as they get encrypted as well. Has anyone come up with a solution for this yet? I could imagine some plugin for the hotplug system that checks /proc/scsi/scsi for a certain model before mounting. Not the cleanest solution either but as my external drives are different models it would work for me. I don't have much of a clue about the hotplug system though... regards Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgpG2ljrhKBsH.pgp Description: PGP signature
Re: [gentoo-user] Encrypting removable media
On Friday 24 February 2006 15:18, Matthias Bethke wrote: I have a bit of chicken-and-egg problem trying to get encrypted removable devices to work as normal as possible. Using Loop-AES and a GPG-encrypted key I had no problems encrypting my external FW drive, but to pass all the options to losetup without entering them by hand every time, I need an fstab entry. The drive shows up as /dev/sda, but putting /dev/sda1 there is no good as it would try to use Loop-AES on *every* external drive. So far I could just use volume labels in my fstab to distinguish any number of drives---well, I used to until hald/dbus made that automatic. But now there are no labels any more as they get encrypted as well. Has anyone come up with a solution for this yet? I could imagine some plugin for the hotplug system that checks /proc/scsi/scsi for a certain model before mounting. Not the cleanest solution either but as my external drives are different models it would work for me. I don't have much of a clue about the hotplug system though... With udev you can create hardware-specific devices (meaning you can have a device in /dev that corresponds exactly to some particular hard disk), based on various hardware-specific information (eg, manufacturer name or device id and many others) See http://www.reactivated.net/writing_udev_rules.html for the details. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Encrypting removable media
Hi Etaoin, on Friday, 2006-02-24 at 15:42:39, you wrote: With udev you can create hardware-specific devices (meaning you can have a device in /dev that corresponds exactly to some particular hard disk), based on various hardware-specific information (eg, manufacturer name or device id and many others) See http://www.reactivated.net/writing_udev_rules.html for the details. Looks like just the ting I need, plus some education :) Thanks very much for the ultra-speedy reply! Gotta love the Gentoo lists... cheers! Matthias -- I prefer encrypted and signed messages. KeyID: FAC37665 Fingerprint: 8C16 3F0A A6FC DF0D 19B0 8DEF 48D9 1700 FAC3 7665 pgphYkGjTGJ6A.pgp Description: PGP signature