View previous topic :: View next topic |
Author |
Message |
Sujao l33t
Joined: 25 Sep 2004 Posts: 677 Location: Germany
|
Posted: Wed Apr 01, 2009 8:06 pm Post subject: cryptsetup+gpg not working in /etc/init.d/dmcrypt. bug? |
|
|
I decided to decrypt my encrypted partitions with gpg keys instead of entering the passwords at boot every time. I have about 9 partitions so this is quiet tiresome.
I have the feeling that the decrypting function in /lib/rcscripts/addons/dm-crypt-start.sh that takes the data from /etc/conf.d/dmcrypt is not working correctly. It passes the key directly to cryptsetup through piping:
Code: | gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3} |
I tried doing this command manually on a fully booted system after I closed the home mapping manually
Code: | gpg -q -d --cipher-algo AES256 home.gpg 2>/dev/null | cryptsetup luksOpen /dev/md5 home |
and it didn't work. So I tried passing the key file as an argument (not the key directly) as it is described in the man file of cryptsetup and it worked! ("home" is the name of the mapping and also the file where the key is stored)
Code: | cryptsetup luksOpen /dev/md5 home --key-file home |
So my conclusion is that the script is buggy or the behaviour of cryptsetup changed in one of the recent versions. Any ideas? |
|
Back to top |
|
|
Sujao l33t
Joined: 25 Sep 2004 Posts: 677 Location: Germany
|
Posted: Thu Apr 02, 2009 3:45 pm Post subject: |
|
|
Can someone at least confirm that cryptsetup-1.0.5-r1, gnupg-2.0.10 and baselayout-1.12.11.1 are working for him with a gpg key file configuration? Thanks |
|
Back to top |
|
|
Sujao l33t
Joined: 25 Sep 2004 Posts: 677 Location: Germany
|
|
Back to top |
|
|
|