LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 01-22-2009, 05:25 PM   #1
alkos333
Member
 
Registered: Dec 2006
Posts: 271

Rep: Reputation: 31
External LUKS


I purchased an external 2-bay raid enclosure and set up LUKS on it. I connect it via usb and because I use it with a laptop, it's obviously not going to be connected at all times, so I was wondering what was the best way to go about automating the mounting process. I've looked into automount, but I'm ont 100% certain this is what I need.

I suspect I need to write a udev rule, to create a constant /dev node (symbolic link) for the external drive because they change depending on when I connect the hard drive (sdb, sdc, etc).

Then I need to activate the encryption with cryptsetup openLuks command (still not sure where the password goes)

Then I have to activate LVM using
vgscan --mknodes
vgchange -ay

Finally, mount the lvm partition to /mnt/exthd

This is how I think I need to go about this, but I'm not entirely certain. Any suggestions would be appreciated.
 
Old 01-23-2009, 02:23 AM   #2
Ilgar
Senior Member
 
Registered: Jan 2005
Location: Istanbul, Turkey
Distribution: Slackware64 15.0, Slackwarearm 14.2
Posts: 1,156

Rep: Reputation: 234Reputation: 234Reputation: 234
I don't know whether it manages LVM or not but there is a software called Krypt which sits in the system tray and opens/closes LUKS partitions. You may configure it to store the password so that it opens LUKS partitions automatically. I have an external HDD with a LUKS partition with ext3 inside. When Krypt unlocks the LUKS, HAL automatically detects and mounts the ext3 inside. But I don't know if it would also work with LVM.
 
Old 01-23-2009, 04:00 PM   #3
BCarey
Senior Member
 
Registered: Oct 2005
Location: New Mexico
Distribution: Slackware
Posts: 1,639

Rep: Reputation: Disabled
Do you have an entry in /etc/fstab? It will then prompt you for the passphrase at boot time.

Brian
 
Old 01-23-2009, 04:10 PM   #4
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,151
Blog Entries: 5

Rep: Reputation: 385Reputation: 385Reputation: 385Reputation: 385
alkos333,

Your roadmap looks OK to me:

1) udev rules to ensure unique /dev device (I don't know how to do it)
2) open the LUKS partition
3) activate Volume Group and Logical Volume(s) (LV)
4) mount LV

Regarding the password when you open the LUKS partition (step 2), you have 2 choices:

- Get a prompt and enter it manually
- Store the password in /etc/crypttab and then LUKS is opened automatically (refer to README_CRYPT.TXT)

I would suggest the first one as this is the purpose of having an encrypted file (you want to give access to it only to authorized people who know the password).

Last edited by gegechris99; 01-23-2009 at 04:11 PM. Reason: typo correction
 
Old 01-24-2009, 12:59 PM   #5
alkos333
Member
 
Registered: Dec 2006
Posts: 271

Original Poster
Rep: Reputation: 31
For the sake of automation, I'd rather save the password in /etc/crypttab, which would be located on my laptop that has LUKS on it as well and prompts for password at boot-up.

I can write a udev rule, no problem there. Where I'm a little bit perplexed is how to automate the encryption and LVM activation because I'm trying to use automount here, I don't see where I can specify that the partition requires LUKS and LVM to be enabled first.
 
Old 01-24-2009, 01:25 PM   #6
gegechris99
Senior Member
 
Registered: Oct 2005
Location: France
Distribution: Slackware 15.0 64bit
Posts: 1,151
Blog Entries: 5

Rep: Reputation: 385Reputation: 385Reputation: 385Reputation: 385
Hello alkos333,

I was thinking that you would write a script that will be started by a udev rule (maybe the same as the one that will specify the /dev device).
 
Old 01-24-2009, 01:32 PM   #7
Ilgar
Senior Member
 
Registered: Jan 2005
Location: Istanbul, Turkey
Distribution: Slackware64 15.0, Slackwarearm 14.2
Posts: 1,156

Rep: Reputation: 234Reputation: 234Reputation: 234
Quote:
Originally Posted by alkos333 View Post
For the sake of automation, I'd rather save the password in /etc/crypttab, which would be located on my laptop that has LUKS on it as well and prompts for password at boot-up.
Wouldn't storing the password in plaintext nullify the whole purpose of LUKS?
 
Old 01-24-2009, 05:01 PM   #8
alkos333
Member
 
Registered: Dec 2006
Posts: 271

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by Ilgar View Post
Wouldn't storing the password in plaintext nullify the whole purpose of LUKS?
Not unless the partition /etc/crypttab is located on is encrypted as well and actually prompts for the password.

Last edited by alkos333; 01-24-2009 at 05:05 PM.
 
Old 01-24-2009, 05:04 PM   #9
alkos333
Member
 
Registered: Dec 2006
Posts: 271

Original Poster
Rep: Reputation: 31
Quote:
Originally Posted by gegechris99 View Post
Hello alkos333,

I was thinking that you would write a script that will be started by a udev rule (maybe the same as the one that will specify the /dev device).
Hmm... that's a great idea. I think the problem is solved. I write a udev rule that creates a device node, runs the program which activates luks and lvm, and then automount picks up from there.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LUKS encryption question DarkpawT Linux - Software 4 11-05-2008 01:18 AM
Slackware 12.1, LUKS, LVM on external HD. How? randomsel Slackware - Installation 7 06-26-2008 06:35 PM
Luks Lockywolf Slackware 2 06-17-2008 03:52 AM
cryptsetup-luks question nomb Linux - Software 4 06-14-2007 10:22 AM
cryptsetup-luks error flying-tuxman Linux - Security 2 11-20-2006 11:08 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 08:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration