I am relatively unfamiliar with enabling sha256; I believe that sha256 has to be build into the kernel. Once it is present in the .../kernel/crypto dir LUKS partitions will be able to be formatted (with the essiv option) and/or opened directly from the liveCD...
Setting up encrypted partitions is pretty straight forward with LUKS... google them, download the tar, compile.... should be ready to go... Issue commands like: dd if=/dev/urandom of=/dev/sdcX bs=1 then [after eight or so days...] [dd is optional for testing purposes] cryptsetup --verbose --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat /dev/sdcX [it is the "aes-cbc-essiv:sha256" command that necessitates the need for sha256 support in the liveCD] then cryptsetp luksOpen /dev/sdcX sdcx [without sha256 support in the liveCD, this command will also fail] then mkfs.xfs /dev/mapper/sdcX then mkdir /mnt/sdcX then mount -t xfs -o nobarrier /dev/mapper/sdcX /mnt/sdcX the "nobarrier" command helps if you are using it on a hw array, otherwise you shouldn't need it. ...mess around with it... anything you write to it is encrypted. If this doesn't do it for you (maybe typing in a pass phrase every time is boring... who knows) then you can easily use a secondary storage device (ie USB key) to hold the access key... setting that up is easy, but the directions on the luks wiki are misleading... As is already known dd and luksFormat [in the above example] are destructive commands; they will destroy data on sdcX. Let me know if you need more info... Peter -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alexander E. Patrakov Sent: Thursday, February 22, 2007 0 37 To: Development of LFS LiveCD Subject: Re: LiveCD to include sha256 support? PGF Junk Mail Account wrote: > I am very interested in seeing sha256 support in the LFS livecd... Then please give me a pointer how to implement and test it. I have never used encrypted storage before. Also note that this feature will be available only in the 6.2 series of the LiveCD, not 6.3-pre. In order to be able to update the kernel to 2.6.20.1 (as the LFS SVN book demands), I have to drop all patches (reiser4 and loop-aes). -- Alexander E. Patrakov -- http://linuxfromscratch.org/mailman/listinfo/livecd FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page -- http://linuxfromscratch.org/mailman/listinfo/livecd FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
