| 1 |
On Wed, May 7, 2014 at 7:36 AM, Walter Dnes <waltdnes@××××××××.org> wrote: |
| 2 |
> |
| 3 |
> On Wed, May 07, 2014 at 12:50:53AM +0300, Alon Bar-Lev wrote |
| 4 |
> > Checkout[1] |
| 5 |
> > |
| 6 |
> > [1] |
| 7 |
> > http://alonbl.shoutwiki.com/wiki/Gentoo/Linux_Disk_Encryption_Using_LoopAES_And_SmartCards |
| 8 |
> |
| 9 |
> Unfortunately, 90% of the wiki entry is irrelavant to my situation. |
| 10 |
> It's aimed at encrypting the entire machine, and making it bootable with |
| 11 |
> initramfs. I just need to encrypt a USB key. |
| 12 |
|
| 13 |
Encrypting USB key without booting from it? |
| 14 |
|
| 15 |
> I see that it also says to build various stuff with the "static" USE |
| 16 |
> flag. I assume this is for an initramfs boot. Looking at the ebuild, I |
| 17 |
> see that it strongly suggests static-libs builds for a whole bunch of |
| 18 |
> stuff. I don't know if this is required in all cases, or simply for |
| 19 |
> booting from an encrypted disk... |
| 20 |
> |
| 21 |
> LIB_DEPEND="dev-libs/libgpg-error[static-libs(+)] |
| 22 |
> dev-libs/popt[static-libs(+)] |
| 23 |
> sys-apps/util-linux[static-libs(+)] |
| 24 |
> gcrypt? ( dev-libs/libgcrypt:0[static-libs(+)] ) |
| 25 |
> nettle? ( >=dev-libs/nettle-2.4[static-libs(+)] ) |
| 26 |
> openssl? ( dev-libs/openssl[static-libs(+)] ) |
| 27 |
> sys-fs/lvm2[static-libs(+)] |
| 28 |
> sys-libs/e2fsprogs-libs[static-libs(+)] |
| 29 |
> udev? ( virtual/udev[static-libs(+)] )" |
| 30 |
> |
| 31 |
> Also interesting is that this webpage recommends *NO* loop support in |
| 32 |
> the kernel. This may be important, i.e. loop-aes may provide the |
| 33 |
> support, and clash with the kernel code. Time to head off to bed |
| 34 |
> tonight. I'll try again in the morning. |
| 35 |
|
| 36 |
Correct. If you want to use loop-aes you must disable the kernel loop, |
| 37 |
this is how things are done. |
| 38 |
|
| 39 |
Alon |
Archives