Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-06 Thread Roland Häder
Try `emerge -pvT $foo`. With whatever package $foo you are trying to install. That is already solved (I had selected it somehow) by simply deselecting it. But is now a little OT. I now try to compile x11-libs/libxcb, and dev-python/elementtree is not installed on my system. Regards,

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-06 Thread Roland Häder
That is already solved (I had selected it somehow) by simply deselecting it. But is now a little OT. I now try to compile x11-libs/libxcb, and dev-python/elementtree is not installed on my system. There is hope for this matter, see my forum posting:

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-05 Thread Roland Häder
To add my 2¢: All you need is build initram and pass it as an argument to pre configured kernel (with needed encryption and hash algorithms built in) Initram scripts are on github here https://github.com/tokiclover/mkinitramfs-ll Can I also use dracut? Or won't it set up initrd? I didn't set up LVM

Re: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-05 Thread Michael Mol
On Wed, Sep 5, 2012 at 12:04 PM, Roland Häder r.hae...@web.de wrote: To add my 2¢: All you need is build initram and pass it as an argument to pre configured kernel (with needed encryption and hash algorithms built in) Initram scripts are on github here

Aw: Re: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-05 Thread Roland Häder
dracut and genkernel will both set up initrd. Okay, thank you. :) Now I hang with this: --- Emerging (1 of 203) dev-db/oracle-instantclient-basic-10.2.0.3-r1 * Fetching files in the background. To view fetch progress, run * `tail -f

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-05 Thread Florian Philipp
On 05.09.2012 20:18, Roland Häder wrote: dracut and genkernel will both set up initrd. Okay, thank you. :) Now I hang with this: --- Emerging (1 of 203) dev-db/oracle-instantclient-basic-10.2.0.3-r1 * Fetching files in the background. To view

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
I think I made a (tolerable) mistake: My hard drive has two partitions: - sda1 - encrypted swap - sda2 - encrypted root How should it boot? One way could be by external media (e.g. stick), other is from hard drive. But that is encrypted. So I must leave a small area left for kernel,

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Dale
Roland Häder wrote: - sda2 - encrypted swap (at least as double as your RAM) (crypt-swap) Regards, Roland [1]: http://wiki.gentoo.org/wiki/DM-Crypt I don't think this is true anymore. It was back when machines had small amounts of ram. Case in point, I have 16Gbs of ram. If I have a

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Alan McKinnon
On Tue, 04 Sep 2012 09:15:31 -0500 Dale rdalek1...@gmail.com wrote: I think the new method for determining swap is to use what makes sense and not the old rule of 'twice the ram'. Alan's new rule of swap is: If you ever use swap as swap at all, find out how your machine is misconfigured.

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Dale
Alan McKinnon wrote: On Tue, 04 Sep 2012 09:15:31 -0500 Dale rdalek1...@gmail.com wrote: I think the new method for determining swap is to use what makes sense and not the old rule of 'twice the ram'. Alan's new rule of swap is: If you ever use swap as swap at all, find out how your

Aw: Re: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
I think the new method for determining swap is to use what makes sense and not the old rule of 'twice the ram'. Okay, agreed. Roland

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Michael Mol
On Tue, Sep 4, 2012 at 11:53 AM, Dale rdalek1...@gmail.com wrote: Alan McKinnon wrote: On Tue, 04 Sep 2012 09:15:31 -0500 Dale rdalek1...@gmail.com wrote: I think the new method for determining swap is to use what makes sense and not the old rule of 'twice the ram'. Alan's new rule of swap

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 15:48, Roland Häder wrote: I think I made a (tolerable) mistake: My hard drive has two partitions: - sda1 - encrypted swap - sda2 - encrypted root How should it boot? One way could be by external media (e.g. stick), other is

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 19:37, Hinnerk van Bruinehsen wrote: On 04.09.2012 15:48, Roland Häder wrote: I think I made a (tolerable) mistake: My hard drive has two partitions: - sda1 - encrypted swap - sda2 - encrypted root How should it boot? One way could be by external media (e.g. stick),

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Michael Mol
On Tue, Sep 4, 2012 at 2:18 PM, Florian Philipp li...@binarywings.net wrote: On 04.09.2012 19:37, Hinnerk van Bruinehsen wrote: On 04.09.2012 15:48, Roland Häder wrote: I think I made a (tolerable) mistake: My hard drive has two partitions: - sda1 - encrypted swap - sda2 - encrypted

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 00:12, Roland Häder wrote: Okay, I have made a little progress. I have generated my private key using some random data + gpg: # head -c 3705 /dev/urandom | head -n 66 | tail -n 65 > key.out # gpg --symmetric -a --s2k-count 8388608 key.out Enter your password twice # mv

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 20:27, Michael Mol wrote: On Tue, Sep 4, 2012 at 2:18 PM, Florian Philipp li...@binarywings.net wrote: On 04.09.2012 19:37, Hinnerk van Bruinehsen wrote: On 04.09.2012 15:48, Roland Häder wrote: I think I made a (tolerable) mistake: My hard drive has two partitions: -

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Michael Hampicke
In theory grub2 is able to open a luks-encrypted volume though it seems to have some disadvantages: you'll need to enter the passphrase (or pass the keyfile) two times, because grub itself needs to decrypt the volume to get the later stages from the encrypted volume and afterwards the

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 03.09.2012 23:23, Roland Häder wrote: No comment on dracut as I have no experience with it. Okay, so I have to try it out myself. When I found something out, I expand the wiki with it. However, as I see it, you need no key file if you just use a pass phrase. In my opinion, a key

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
1. Maybe it would be a good idea to use an ASCII-only random string, for example by piping it through `base64 -w 0`. That way you don't lose any entropy (the key just gets longer) but it is easier to type the keyfile manually, in case you ever need to. You also don't have to worry about odd

Re: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Michael Mol
On Tue, Sep 4, 2012 at 3:40 PM, Roland Häder r.hae...@web.de wrote: 1. Maybe it would be a good idea to use an ASCII-only random string, for example by piping it through `base64 -w 0`. That way you don't lose any entropy (the key just gets longer) but it is easier to type the keyfile

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Roland Häder
Okay, I have set up so far this: /dev/sda1 - /boot (unencrypted) /dev/sda2 - swap (not yet set up, will be encrypted) /dev/sda3 - / (encrypted) /dev/sda3 is the underlying drive, where I used gpg: # gpg --decrypt key.gpg | cryptsetup --verbose luksFormat /dev/sda3 # gpg --decrypt key.gpg |

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 20:48, Michael Hampicke wrote: In theory grub2 is able to open a luks-encrypted volume though it seems to have some disadvantages: you'll need to enter the passphrase (or pass the keyfile) two times, because grub itself needs to

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Neil Bothwick
On Tue, 04 Sep 2012 10:53:38 -0500, Dale wrote: If you are using hibernate/suspend thingys then that is different. Isn't that when it has to be at least as much swap as you have ram? Not necessarily because the data is compressed before saving, but you can't know how much it is going to

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Neil Bothwick
On Tue, 04 Sep 2012 20:59:34 +0200, Florian Philipp wrote: I just have to make sure to leave nothing private on root, /usr or /etc. Like your passwd and shadow files? -- Neil Bothwick Ifyoucanreadthis,youspendtoomuchtimefiguringouttaglines.

Re: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Hinnerk van Bruinehsen
On 04.09.2012 22:05, Roland Häder wrote: Okay, I have set up so far this: /dev/sda1 - /boot (unencrypted) /dev/sda2 - swap (not yet set up, will be encrypted) /dev/sda3 - / (encrypted) /dev/sda3 is the underlying drive, where I used gpg: #

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Neil Bothwick
On Tue, 04 Sep 2012 19:37:16 +0200, Hinnerk van Bruinehsen wrote: In theory grub2 is able to open a luks-encrypted volume though it seems to have some disadvantages: you'll need to enter the passphrase (or pass the keyfile) two times, because grub

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 21:40, Roland Häder wrote: 1. Maybe it would be a good idea to use an ASCII-only random string, for example by piping it through `base64 -w 0`. That way you don't lose any entropy (the key just gets longer) but it is easier to type the keyfile manually, in case you ever need

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 22:14, Neil Bothwick wrote: On Tue, 04 Sep 2012 20:59:34 +0200, Florian Philipp wrote: I just have to make sure to leave nothing private on root, /usr or /etc. Like your passwd and shadow files? *g*, good point. However, I'm willing to take the risk on just these two:

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Florian Philipp
On 04.09.2012 22:09, Neil Bothwick wrote: On Tue, 04 Sep 2012 10:53:38 -0500, Dale wrote: If you are using hibernate/suspend thingys then that is different. Isn't that when it has to be at least as much swap as you have ram? Not necessarily because the data is compressed before saving,

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Neil Bothwick
On Tue, 04 Sep 2012 22:45:07 +0200, Florian Philipp wrote: I just have to make sure to leave nothing private on root, /usr or /etc. Like your passwd and shadow files? *g*, good point. However, I'm willing to take the risk on just these two: passwd doesn't contain anything of

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-04 Thread Samurai
To add my 2¢: I have 3 working setups almost done by this http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS guide which results in either unencrypted /boot on drive or booting from stick resulting layout is following: /dev/sda1 /boot /dev/sda2 dm-crypt container with lvm vg atop of it In vg is:

[gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
Hi all, I'm currently testing dm-crypt to encrypt my whole hard drive. So far I followed this [1] guide and have to wait for the randomization part of the hard drive. In the wiki, ext4 is being used. Since ext3 a journal has been added. From my times with loop-aes I know that I have to store

Aw: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
Oops, here is the missing link: http://wiki.gentoo.org/wiki/DM-Crypt (I don't think it is a good idea to store the keyFile somewhere plain, [2] tells that there is support for crypt-gnupg, but it doesn't show any help how to set it up. [2]: http://wiki.gentoo.org/wiki/Dracut

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Florian Philipp
On 03.09.2012 22:20, Roland Häder wrote: Hi all, I'm currently testing dm-crypt to encrypt my whole hard drive. So far I followed this [1] guide and have to wait for the randomization part of the hard drive. You forgot the link to [1]. In the wiki, ext4 is being used. Since ext3 a

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Steve Buzonas
The journal is generally located on the partition in question. If the partition is encrypted the journal should also be encrypted. You can use `tune2fs -l` to list the contents of the partition's superblock which will have details on the partition such as journal location, etc... On Mon, Sep 3,

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
You forgot the link to [1]. Already mailed but here again: http://wiki.gentoo.org/wiki/DM-Crypt Never used loop-aes myself. Sorry if I miss the reason for your confusion because of it. http://loop-aes.sourceforge.net There is the source code. It needs patched util-linux(-ng) package to get

Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Florian Philipp
On 03.09.2012 22:36, Roland Häder wrote: Oops, here is the missing link: http://wiki.gentoo.org/wiki/DM-Crypt (I don't think it is a good idea to store the keyFile somewhere plain, [2] tells that there is support for crypt-gnupg, but it doesn't show any help how to set it up. [2]:

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
No comment on dracut as I have no experience with it. Okay, so I have to try it out myself. When I found something out, I expand the wiki with it. However, as I see it, you need no key file if you just use a pass phrase. In my opinion, a key file is only necessary for two improvements:

Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?

2012-09-03 Thread Roland Häder
Okay, I have made a little progress. I have generated my private key using some random data + gpg: # head -c 3705 /dev/urandom | head -n 66 | tail -n 65 > key.out # gpg --symmetric -a --s2k-count 8388608 key.out Enter your password twice # mv key.out.asc key.gpg # rm -f key.out Now I have to