1 |
On Wed, May 7, 2014 at 7:36 AM, Walter Dnes <waltdnes@××××××××.org> wrote: |
2 |
> |
3 |
> On Wed, May 07, 2014 at 12:50:53AM +0300, Alon Bar-Lev wrote |
4 |
> > Checkout[1] |
5 |
> > |
6 |
> > [1] |
7 |
> > http://alonbl.shoutwiki.com/wiki/Gentoo/Linux_Disk_Encryption_Using_LoopAES_And_SmartCards |
8 |
> |
9 |
> Unfortunately, 90% of the wiki entry is irrelavant to my situation. |
10 |
> It's aimed at encrypting the entire machine, and making it bootable with |
11 |
> initramfs. I just need to encrypt a USB key. |
12 |
|
13 |
Encrypting USB key without booting from it? |
14 |
|
15 |
> I see that it also says to build various stuff with the "static" USE |
16 |
> flag. I assume this is for an initramfs boot. Looking at the ebuild, I |
17 |
> see that it strongly suggests static-libs builds for a whole bunch of |
18 |
> stuff. I don't know if this is required in all cases, or simply for |
19 |
> booting from an encrypted disk... |
20 |
> |
21 |
> LIB_DEPEND="dev-libs/libgpg-error[static-libs(+)] |
22 |
> dev-libs/popt[static-libs(+)] |
23 |
> sys-apps/util-linux[static-libs(+)] |
24 |
> gcrypt? ( dev-libs/libgcrypt:0[static-libs(+)] ) |
25 |
> nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) |
26 |
> openssl? ( dev-libs/openssl[static-libs(+)] ) |
27 |
> sys-fs/lvm2[static-libs(+)] |
28 |
> sys-libs/e2fsprogs-libs[static-libs(+)] |
29 |
> udev? ( virtual/udev[static-libs(+)] )" |
30 |
> |
31 |
> Also interesting is that this webpage recommends *NO* loop support in |
32 |
> the kernel. This may be important, i.e. loop-aes may provide the |
33 |
> support, and clash with the kernel code. Time to head off to bed |
34 |
> tonight. I'll try again in the morning. |
35 |
|
36 |
Correct. If you want to use loop-aes you must disable the kernel loop, |
37 |
this is how things are done. |
38 |
|
39 |
Alon |