Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Init-Script]Partitionsverschlüsselung LUKS&verschl.Keyfile
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Deutsches Forum (German) Deutsche Dokumentation
View previous topic :: View next topic  
Author Message
manuels
Advocate
Advocate


Joined: 22 Nov 2003
Posts: 2146
Location: Europe

PostPosted: Wed Aug 30, 2006 12:38 pm    Post subject: [Init-Script]Partitionsverschlüsselung LUKS&verschl.Key Reply with quote

Hi,

ich habe meine Home-Partition verschlüsselt. Hierzu habe ich einen 256-Bit Keyfile mit GPG verschlüsselt und auf einen Dongle gepackt.
(Hab mir das ganze nach den Anleitungen partition verschlüsseln mit dmcrypt und DM-Crypt zusammengebastelt.)

Dazu habe ich dann ein Init-Script geschrieben. Mit RC_PARALLEL_STARTUP="no" in der /etc/conf.d/rc läuft es sehr gut.
Verbesserungsvorschläge willkommen.

File: /etc/init.d/cryptoluks
Code:
#!/sbin/runscript

# Vars
mapdevice=decrypt-home;
lvmdevice=/dev/vg/crypto-home;
mountpath=/home

keyfile=/mnt/usb/home-key.gpg
keymount=/mnt/usb

depend() {
        need checkroot
        need modules
        use lvm
        before localmount
        before xdm
        before *
}


start() {
        ebegin "Mounting LUKS loopback device ...";

        einfo "Please insert key file medium and stand by while trying to mount...";
        false;
        while test $? -ne 0; do
          mount $keymount > /dev/null 2>&1
        done

        false;
        while test $? -ne 0; do
          gpg --quiet -d $keyfile | cryptsetup -y luksOpen $lvmdevice $mapdevice;
        done

        umount -l $keymount > /dev/null 2>&1;

        mount $mountpath;

        eend $?;
}
stop() {
        ebegin "Unmounting LUKS loopback device...";

        umount $mountpath;
        /bin/cryptsetup luksClose $mapdevice;

        eend $?;
}

_________________
Build your own live cd with catalyst 2.0!
Back to top
View user's profile Send private message
Moorenkopf
Apprentice
Apprentice


Joined: 18 Apr 2004
Posts: 189
Location: NRW

PostPosted: Wed Aug 30, 2006 6:55 pm    Post subject: Reply with quote

Ich hab' da einen Querverweis anzubieten: https://forums.gentoo.org/viewtopic-t-450094-highlight-.html
</my 2 cents>;)
Back to top
View user's profile Send private message
manuels
Advocate
Advocate


Joined: 22 Nov 2003
Posts: 2146
Location: Europe

PostPosted: Thu Aug 31, 2006 11:19 am    Post subject: Reply with quote

jo, aber das ist eben ohne verschlüsseltem Keyfile.
_________________
Build your own live cd with catalyst 2.0!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Deutsches Forum (German) Deutsche Dokumentation All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum