Gentoo Archives: gentoo-user

From: "Roland Häder" <r.haeder@×××.de>
To: gentoo-user@l.g.o
Subject: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Date: Tue, 04 Sep 2012 20:08:35
Message-Id: trinity-1419b625-62b6-4c34-9110-3bf7d7b850e8-1346789135028@3capp-webde-bs44
In Reply to: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go? by Florian Philipp
Okay, I have set up so far this:

/dev/sda1 - /boot (unencrypted)
/dev/sda2 - swap (not yet set up, will be encrypted)
/dev/sda3 - / (encrypted)

/dev/sda3 is the underlying drive, where I used gpg:

# gpg --decrypt key.gpg | cryptsetup --verbose luksFormat /dev/sda3
# gpg --decrypt key.gpg | cryptsetup --verbose luksOpen /dev/sda3 encVol
# dd if=/dev/zero of=/dev/mapper/encVol bs=100M (to avoid filesystem corruption)
# mkfs.ext4 -L root /dev/mapper/encVol

Now I continued as usual with the Gentoo handbook (mount all, copy things on it, etc.)

After I compiled the kernel, emerged cryptsetup on the new system, I edited /boot/grub/grub.conf:
-----------------------------------------------
default 0
timeout 30
splashimage=(hd0,0)/boot/grub/splash.xpm.gz

title Gentoo Linux
root (hd0,0)
kernel /boot/kernel-genkernel-x86-3.3.8-gentoo root=/dev/ram0 crypt_root=/dev/sda3
initrd /boot/initramfs-genkernel-x86-3.3.8-gentoo
-----------------------------------------------
(I read not to use real_root, but crypt_root instead?)

Then I emerged grub as usual (also: # cat /proc/mounts > etc/mtab ) and did: # grub-install --no-floppy /dev/sda

Still as usual. Now it is downloading plymouth (to have some cool things) + dracut (easiest way as I read in wiki).

I also had to expand /etc/make.conf (not /etc/portage/make.conf ??? Is this a mistake in the handbook?):

-----------------------------------------------
DRACUT_MODULES="crypt_gpg plymouth"
-----------------------------------------------

Now I really hope that, after I installed dracut on it, I can boot it and the initrd will be updated. It needs at least some kernel modules (e.g. dm_crypt, ext4, sha512_generic, aes_generic) plus gpg and cryptsetup tools to actually decrypt the hard drive.

Regards,
Roland
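
The initrd requirement named at the end of the message can be checked before rebooting. The script below is an added example, not part of the original post: it scans a file listing of the initramfs for the four kernel modules and two tools the post mentions. The function name, the one-path-per-line listing format and the sample listing are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the post): check an initramfs file listing for
# the pieces the post names as needed to unlock the root volume.
# Assumption: the listing has one path per line, e.g. from `cpio -t`.
# Drivers built into the kernel (=y) never show up as .ko files, so a
# "missing" module may still be present as a built-in.

REQUIRED_MODULES="dm_crypt ext4 sha512_generic aes_generic"
REQUIRED_TOOLS="gpg cryptsetup"

# Print each required item absent from listing file $1, one per line.
# Returns 0 when nothing is missing, 1 otherwise.
missing_from_initramfs() {
    listing=$1
    missing=""
    for mod in $REQUIRED_MODULES; do
        # File names may use '-' where the module name uses '_', and
        # may carry a compression suffix.
        pat=$(printf '%s' "$mod" | sed 's/_/[_-]/g')
        grep -Eq "(^|/)${pat}\.ko(\.(gz|xz|bz2))?\$" "$listing" ||
            missing="$missing module:$mod"
    done
    for tool in $REQUIRED_TOOLS; do
        grep -Eq "(^|/)s?bin/${tool}\$" "$listing" ||
            missing="$missing tool:$tool"
    done
    [ -z "$missing" ] && return 0
    printf '%s\n' $missing
    return 1
}

# Constructed sample listing: ext4.ko and gpg are deliberately absent.
sample=$(mktemp)
cat > "$sample" <<'EOF'
lib/modules/3.3.8-gentoo/kernel/drivers/md/dm-crypt.ko
lib/modules/3.3.8-gentoo/kernel/crypto/sha512_generic.ko
lib/modules/3.3.8-gentoo/kernel/crypto/aes_generic.ko
sbin/cryptsetup
EOF
missing_from_initramfs "$sample" || echo "initramfs is incomplete"
rm -f "$sample"
```

A non-empty result for a loadable module or a tool means the image cannot unlock /dev/sda3 at boot, leaving the system stuck in the initramfs until the image is rebuilt.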
