View previous topic :: View next topic |
Author |
Message |
PaulBredbury Watchman
Joined: 14 Jul 2005 Posts: 7310
|
Posted: Fri Mar 30, 2007 12:19 pm Post subject: |
|
|
The workaround for the system freeze during mkfs.ext2 is to run this before the mkfs command:
Code: | export MKE2FS_SYNC=1 |
It's still unclear as to where the bug lies
Edit: Changed 10 to 1, because it still hangs with 10. Strangely, mkfs.reiserfs works OK, so maybe it's a bug in mkfs.ext2? mkfs.ext3 still freezes, even with the above command |
|
Back to top |
|
|
Ramblurr Tux's lil' helper
Joined: 18 Dec 2006 Posts: 103
|
Posted: Wed Apr 11, 2007 3:31 pm Post subject: |
|
|
I would like to use my truecrypt key in a mobile setting on both windows and linux machines.. that might not necessarily have TC installed.
Does anyone know if this is doable?
I was thinking something along the lines of a small un encrypted partition, fat32 probably, that would hold TC binaries for 32/64bit linux, and a windows binary. Then of course the rest of the drive would be a TC volume. Is this possible?
I'd imagine TC would have to be statically linked, but I don't know if you can do that. |
|
Back to top |
|
|
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1247 Location: Edinburgh, UK
|
Posted: Tue Jul 10, 2007 3:50 pm Post subject: |
|
|
Ramblurr wrote: | I would like to use my truecrypt key in a mobile setting on both windows and linux machines.. that might not necessarily have TC installed.
Does anyone know if this is doable?
I was thinking something along the lines of a small un encrypted partition, fat32 probably, that would hold TC binaries for 32/64bit linux, and a windows binary. Then of course the rest of the drive would be a TC volume. Is this possible?
I'd imagine TC would have to be statically linked, but I don't know if you can do that. |
I think this couldn't be very reliably portable because it needs a kernel driver to operate; so you need to be able to install a driver on the Windows side, and on the Linux side you might need to actually build it against the host kernel...
Now, a question of my own. Is there any known/reliable way that you could make your homedir on a truecrypt volume? It seems you would need to be able to mount the volume at the KDM (or whatever -DM) stage, before login processes begin that need access to the homedir. PAM maybe? Any info welcome! |
|
Back to top |
|
|
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1247 Location: Edinburgh, UK
|
Posted: Sat Jul 21, 2007 12:36 pm Post subject: |
|
|
I've moved on from the encrypted homedir idea for now, and settled for symlinking the sensitive files (Quanta Plus configfile containing site passwords was the main one) to locations inside the TC volume. There's nothing really sensitive that needs to be there at login. I'd still be interested in any thoughts on the issue, but purely as a theoretical discussion.
Since we still lack a TrueCrypt GUI for Linux (well, I couldn't find one) here's a small script I wrote that I use on KDE login to mount my TC volume. It uses kde-base/kdialog (sorry Gnomers) so it's not necessary to pop up a terminal to run it. Just fill the variables at the top with the volume path and mountpoint, and put in a file (or symlink/shortcut to a file) in ~/.kde/Autostart/
Code: | #!/bin/sh
# Set Truecrypt volume or image path
TC_VOL=/path/to/tc_vol_or_img
# Set mount point
TC_MNT=/mnt/tc_mount_point
while ! mount | grep $TC_MNT &>/dev/null; do
PW=`kdialog --password "Please enter the TrueCrypt password:"`
if [ "${PW}" == "" ]; then
kdialog --warningcontinuecancel "Password not given!\nTry again?" || exit 1
fi
if ! sudo truecrypt --password=$PW $TC_VOL $TC_MNT; then
kdialog --warningcontinuecancel "Incorrect password!\nTry again?" || exit 1
fi
done
kdialog --passivepopup "Volume $TC_VOL mounted at $TC_MNT" 3
|
Also don't forget that truecrypt will need you to use sudo, so add this line to /etc/sudoers using visudo command:
Code: | myusername ALL=NOPASSWD:/usr/bin/truecrypt * |
Comments/improvements are welcome. As for umounting, all mounted truecrypt volumes are dismounted at shutdown anyway, but if you specifically want to umount on logoff, put a script or shortcut in ~/.kde/shutdown (create this dir if it doesn't exist) containing the one-liner "sudo truecrypt -d". |
|
Back to top |
|
|
ahubu Guru
Joined: 16 Aug 2003 Posts: 400 Location: Groningen, The Netherlands
|
Posted: Thu Oct 04, 2007 3:11 pm Post subject: |
|
|
First of all, thanks for the nice tutorial. My question concerns the creation of a FAT32 filesystem on a truecrypt volume in linux. I know it is possible by going into Windows and using Truecrypt to create a FAT32 partition there. My question is if it is possible to make the FAT32 partition in linux, without having to boot into windows? IIRC parted (and maybe fdisk) are able to make FAT32 filesystems.
edit: oh, I was quick and restless. When running "truecrypt -c" it asks for filesystems and FAT is an option... So to answer my own question: yes. _________________ Anne // Light travels faster than sound. That's why people appear bright until
you hear them speak. -Unknown |
|
Back to top |
|
|
Ramblurr Tux's lil' helper
Joined: 18 Dec 2006 Posts: 103
|
Posted: Wed Oct 24, 2007 11:54 pm Post subject: |
|
|
Havin_it wrote: | I've moved on from the encrypted homedir idea for now, and settled for symlinking the sensitive files (Quanta Plus configfile containing site passwords was the main one) to locations inside the TC volume. There's nothing really sensitive that needs to be there at login. I'd still be interested in any thoughts on the issue, but purely as a theoretical discussion.
Comments/improvements are welcome. As for umounting, all mounted truecrypt volumes are dismounted at shutdown anyway, but if you specifically want to umount on logoff, put a script or shortcut in ~/.kde/shutdown (create this dir if it doesn't exist) containing the one-liner "sudo truecrypt -d". |
Have you considered using dm-crypt for partition encryption? |
|
Back to top |
|
|
Havin_it Veteran
Joined: 17 Jul 2005 Posts: 1247 Location: Edinburgh, UK
|
Posted: Thu Oct 25, 2007 2:27 am Post subject: |
|
|
Ramblurr wrote: | Have you considered using dm-crypt for partition encryption? |
Can't say as I have; the partition I encrypted is to be used from both Gentoo and WinXP installs, so it has to be TrueCrypt for me really. Were this not the case though, what would be the advantages? |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|