LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 11-06-2007, 09:47 PM   #1
compu73rg33k
Member
 
Registered: Feb 2004
Distribution: Ubuntu
Posts: 316

Rep: Reputation: 30
Loading encrypted partitions at boot


So I have 5 partitions. /boot, /, /usr, /swap, and /home. I've encrypted the latter 4 with luks encryption using cryptsetup. I've changed /etc/fstab to use the device /dev/mapper/device (where device is root, usr, swap, home) and then setup my /etc/cryptttab to open them.At boot it immediately asks the password for root. I put it in and then it continues to load up and then it fails when trying to mount /usr and /home complaining that the device /dev/mapper/device (where device is usr, swap, home) isn't found. I then try to open the partition with the command
Code:
cryptsetup /dev/sda6 usr
and it complains about the shared cryptsetup library not being found. This makes sense because it's under /usr/lib, which apparently hasn't been mounted. However, why is the root partition opening up but not the rest? How is it working if the library isn't mounted? I did add dm-crypt to my list in /etc/modules so that is loaded. I confirmed this with lsmod. Why would root open but not usr, swap, and home? They're all in /etc/crypttab

/etc/crypttab
Code:
# <target name> <source device>         <key file>      <options>
root            /dev/sda5               none            luks
usr             /dev/sda6               none            luks
swap            /dev/sda7               none            luks
home            /dev/sda8               none            luks
/etc/fstab
Code:
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>                       <dump>  <pass>
proc            /proc           proc    defaults                        0       0

# /dev/sda3
/dev/sda3       /boot           ext3    defaults        0       2

# /dev/sda5
/dev/mapper/root /              ext3    defaults,errors=remount-ro      0       1

# /dev/sda8
/dev/mapper/home /home          ext3    defaults,errors=remount-ro      0       1

# /dev/sda6
/dev/mapper/usr /usr            ext3    defaults,errors=remount-ro      0       1

# /dev/sda7
/dev/mapper/swap none           swap    sw                              0       0


/dev/hdc        /media/cdrom0           udf,iso9660 user,noauto,exec    0       0

Last edited by compu73rg33k; 11-06-2007 at 09:55 PM.
 
Old 11-08-2007, 10:02 AM   #2
bigrigdriver
LQ Addict
 
Registered: Jul 2002
Location: East Centra Illinois, USA
Distribution: Debian Squeeze
Posts: 5,747

Rep: Reputation: 301Reputation: 301Reputation: 301Reputation: 301
I don't know the answer to your problem. However, I did find this article at ArchWiki on setting up luks. It seems to give clear, step-by-step instructions. You might want to go through it to see if you missed something. I note that you mention one module (dm-crypt), but the article mentions two modules (dm-crypt and one other).

http://wiki.archlinux.org/index.php/LUKS_Encrypted_Root
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Loading encrypted partitions at boot compu73rg33k Ubuntu 0 11-03-2007 07:59 PM
Installing to encrypted partitions? compu73rg33k Ubuntu 2 11-03-2007 07:54 PM
Accessing encrypted partitions from OpenBSD avallach *BSD 2 06-12-2007 05:04 AM
Creating and using encrypted partitions as non-root v00d00101 Linux - Security 3 06-25-2006 05:31 PM
Hacking the initrd for encrypted partitions sonicbuddha Linux - Security 2 12-20-2005 08:23 PM


All times are GMT -5. The time now is 08:11 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration