| 1 |
On Tuesday 2010-05-18 23:49, Stefan G. Weichinger wrote: |
| 2 |
|
| 3 |
>> # ./mount.crypt -vo |
| 4 |
>> keyfile=t-crypt.key,fsk_cipher=aes-256-cbc,fsk_hash=md5 /dev/loop94 |
| 5 |
>> /mnt command: 'readlink' '-fn' '/dev/loop94' command: 'readlink' |
| 6 |
>> '-fn' '/mnt' Password: mount.crypt(crypto-dmc.c:144): Using |
| 7 |
>> _dev_loop94 as dmdevice name command: 'mount' '-n' |
| 8 |
>> '/dev/mapper/_dev_loop94' '/mnt' # df /mnt Filesystem |
| 9 |
>> 1K-blocks Used Available Use% Mounted on /dev/loop94 |
| 10 |
>> 62465 5365 53875 10% /mnt |
| 11 |
>> |
| 12 |
>> Match? |
| 13 |
> |
| 14 |
>Frankly: dunno ;-) |
| 15 |
>Yes, I am able to follow and understand in general so far ... but ... |
| 16 |
|
| 17 |
Right now it's more a case of "let's do it and compare results" |
| 18 |
than having to thoroughly understand when and where cryptsetup |
| 19 |
chops off a byte and pads another. |
| 20 |
|
| 21 |
That went fine, up to |
| 22 |
|
| 23 |
># mount the new fs |
| 24 |
>mount /dev/mapper/newhome /mnt/gschwind |
| 25 |
>all this worked OK so far, but not with pam_mount. |
| 26 |
>OK? |
| 27 |
|
| 28 |
OK, but don't stop there. pam_mount really just ultimatively runs |
| 29 |
mount.crypt; and it tells you that it does by means of syslog |
| 30 |
(with enabled debug=1 of course). |
| 31 |
|
| 32 |
command: 'mount.crypt' '-ofsk.... |
| 33 |
|
| 34 |
And that is what you can run from shell, which eliminates |
| 35 |
pam_mount from the path and only leaves the usual suspects. |
| 36 |
|
| 37 |
Keep on it, marine! |
| 38 |
|
| 39 |
|
| 40 |
>Assuming that "I am too stupid": Where is the how-to-do-it? |
| 41 |
>So far the only thing I really understood "You are doing it wrong". |
| 42 |
>But where is the "Do it this way and you are safe" ? |
| 43 |
|
| 44 |
http://archives.gentoo.org/gentoo-user/msg_e80d6e5a662b7595a2a8a70a0fa166dd.xml |
| 45 |
was basically it: pmt-ehd and you're safe. Short of the current |
| 46 |
...missing feature though, mentioned in that same mail. |
Archives