Well, I have my system the way I want it. Thought I would post a summary that might help others.
CPU: Dell gx240 OS: SUSE 10.0 I bought a Western Digital 320GB mybook to replace/augment a WD120GB drive. Liked it, so I bought another. Basically, I connected the drives and used YAST2|System|Partitioner to delete the FAT32 partition that came with the drive, then created a single encrypted reiserfs partition on each drive. For unencrypted drives, an entry with something like /dev/sda1 is entered into the fstab. For encrypted ones, a similar entry is made in /etc/cryptotab. To specify where each drive is mounted (you can't know if it will be sda, sdb, etc.) reference the drive by its entry in /dev/disk/by-id/ (see below). I.e., simply replace /dev/sda or whatever with the approprite /dev/disk/by-id/... There are two entries in this directory for each drive - one with and one without the -parti. The one without is the physical drive, the one with is the partition on that drive. I suppose other -partis would appear if you had more partitions. You can unplug drives to figure out which is which if you are working with identical drives. File contents (<snip> was a long serial number of the drive): In /etc/fstab... /dev/disk/by-id/usb-WD_1200BB_<snip>-part1 /media/USB120 reiserfs user,noauto,acl 0 0 In /etc/cryptotab... /dev/loop0 /dev/disk/by-id/usb-WD_<snip>-part1 /media/USB320_0 reiserfs twofish256 acl,user_xattr /dev/loop1 /dev/disk/by-id/usb-WD_<snip>-part1 /media/USB320_1 reiserfs twofish256 acl,user_xattr NOTE: If you work with one drive at a time, the partitioner will put multiple /dev/loop0s in the cryptotab. You have to give each a unique number. These encrypted drives don't automatically mount AFAIK, so I have a little script I run as su when I (re)boot the computer. Something like: script: usbmount... umount /dev/sda1 umount /dev/sdb1 umount /dev/sdc1 /etc/init.d/boot.crypto start mount /media/wd120 There are some leftovers in this script: the encrypted drives (in /etc/cryptotab) don't automatically mount. The umount commands were there to unmount the unencrypted USB120 when I was transferring files - it needed to be remounted for performance. The encrypted partitions are mounted by the "/etc/init.d/boot.crypto start" line and you are asked for the password for the encrypted volumes. One thing to note. My system had USB1.1, so I bought a cheap USB 2.0 PCI card. For unencrypted drives, that improved performance 20X, but only around 10X for encrypted volumes. That is, there is about a 50% performance hit due to running encryption, but it is not really noticable to me in use. Hope this helps someone. Ciao and thanks to all who helped me. Dennis E. Slice wrote: > Hi, All. > > I have been using an external WD 120GB USB drive, and have just added a > WD320 MyBook. To upgrade my overall security, I formatted the latter as > an encrypted drive using the SUSE partition manager. I like it, and am > thinking of getting a matching drive so I can have a data drive and a > backup - WD320A and WD320B. > > The problem I have is that I cannot anticipate where the different > drives will be attached during boot up - /dev/sda1, /dev/sdb1. If these > change, and they do, my mount points become useless. > > For unencrypted drives, I have found that one can mount by label in > /etc/fstab, e.g., LABEL=WD320A, and can set the label using the SUSE > partitioning program. > > I cannot, however, find a similar procedure for encrypted partitions - > you cannot, apparently, specify a label for an encrypted drive/partition > with the provided partition program. > > I have searched a bit, but can find no solution on the web or news groups. > > To summarize, I would like to either force the mounting of encrypted > partitions on external USB drives to /dev/sda1, etc. Or, would like to > be able to mount encrypted drives correctly without regard to their > /dev/sdxx. > > Does anyone have a solution to this problem? Can someone point me toward > a relevant discussion? > > OS: SUSE 10.0 > > TIA -- Dennis E. Slice Department of Anthropology University of Vienna ======================================================== -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
