Gentoo Archives: gentoo-user

From: Walter Dnes <waltdnes@××××××××.org>
To: Gentoo Users List <gentoo-user@l.g.o>
Subject: [gentoo-user] Using USB key as real $HOME and possible encryption?
Date: Mon, 28 Apr 2014 20:58:11
Message-Id: 20140428205736.GA4234@waltdnes.org
1 I want to set up my notebook for use whilst travelling. I intend to
2 have an innocuous /home/waltdnes partion on the notebook, and have the
3 "real" $HOME (a copy of my desktop machine's $HOME) on a 128 gigabyte
4 USB key. When I want to access it, I'll mount the USB key over
5 /home/waltdnes. That protects against the notebook being lost/stolen.
6 The next question is how do I guard the data on the USB key. I'm
7 looking at using cryptsetup to encrypt the USB key. Some interesting
8 stuff on Google... http://sleepyhead.de/howto/?href=cryptpart shows how
9 to use cryptsetup with and without LUKS.
10
11 ========================================================================
12 dm-crypt without LUKS
13
14 # cryptsetup -y create sdc1 /dev/sdc1 # or any other partition like /dev/loop0
15 # dmsetup ls # check it, will display: sdc1 (254, 0)
16 # mkfs.ext3 /dev/mapper/sdc1 # This is done only the first time!
17 # mount -t ext3 /dev/mapper/sdc1 /mnt
18 # umount /mnt/
19 # cryptsetup remove sdc1 # Detach the encrypted partition
20
21 Do exactly the same (without the mkfs part!) to re-attach the partition.
22 If the password is not correct, the mount command will fail. In this
23 case simply remove the map sdc1 (cryptsetup remove sdc1) and create it
24 again.
25 ========================================================================
26
27 I did a --pretend emerge of cryptsetup, and I see that it pulls in
28 lvm2 as a dependancy, presumably to enable the /dev/mapper/* entries.
29 Any comments on whether I'm better off with or without LUKS? I also
30 intend to use ext2, because I understand that a journalling fs is murder
31 on USB keys.
32
33 --
34 Walter Dnes <waltdnes@××××××××.org>
35 I don't run "desktop environments"; I run useful applications

Replies

Subject Author
Re: [gentoo-user] Using USB key as real $HOME and possible encryption? "Rick \\\"Zero_Chaos\\\" Farina" <zerochaos@g.o>