[Sorry for the formatting. I wanted to reorder the comments.]
My system works fine, but I was very interested in Carlos' suggestions.
Here are my observations:
> They would mount if available at boot time, if the service is enabled:
>
> nimrodel:~ # chkconfig boot.crypto
> boot.crypto on
>
> and the device is available at that time. It prompts for a password
during
> boot up.
boot.crypto tries, but fails to find the partitions at boot time. In
fact, it fails without delay. The relevant line from the boot.msg is:
Activating crypto devices using /etc/cryptotab ...failed
actually, while booting, there are messages to the effect that the
specified partitions are not available. Later in the file is:
System Boot Control: The system has been set up
Failed features: boot.crypto
It does try to start the USB system and waits 3 seconds before
attempting to mount the encrypted drives. The drive lights are on.
(These are MyBooks that power up/down with the computer.)
> As I mentioned previously, you can also use fstab for encrypted
> partitions. For instance, one of mine:
>
>
> /device_or_file /mnt/crypto xfs
noauto,loop=/dev/loop4,encryption=twofish256 0 0
>
>
> I doubt labels could be used here, but I assume dev-ids would - I never
> thought of that till reading this thread ;-)
Right, there is no way to label an encrypted partition as far as I can
tell. I moved the specs to fstab, but no go. At boot, the system doesn't
seem to know about encryption and just says:
mount: going to use the loop device /dev/loop0
/dev/disk/by-id/usb-WD_<snip>-part1: No such file or directory
mount: failed setting up loop device
for each drive. Here, the drive lights are not yet on.
Subsequently, trying to manually mount the partitions as root gives:
ioctl: LOOP_SET_STATUS: Invalid argument, requested cipher or
key
length (256 bits) not supported by kernel
I am curious as to why the initial boot.crypto fails, why booting with
the specs in fstab doesn't invoke boot.crypto, and why my kernel doesn't
support 256 bit encryptions. Actually, I guess I just didn't specify
something about the latter when I installed, but I'm not going to
reinstall the kernel at this time - everything does work as originally
described.
> sync/nosunc?
>
Not sure the relevance here for encrypted partitions. I am running with
whatever the default is and previous discussions seemed tp focus on
FAT32 files systems and such.
Best, ds
Carlos E. R. wrote:
...<snip>
--
Dennis E. Slice
Department of Anthropology
University of Vienna
========================================================
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
