19 |
- new packages needed for crypto-swap script: |
- new packages needed for crypto-swap script: |
20 |
sharutils (uuencode) |
sharutils (uuencode) |
21 |
- create random passphrase/seed |
- create random passphrase/seed |
22 |
#: head -c <LENGTH> /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 |
#: head -c ${LENGTH} /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 |
23 |
- create encrypted fs: |
- create encrypted fs: |
24 |
(passphrase need min 20 characters!!) |
(passphrase need min 20 characters!!) |
25 |
echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE} |
echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE} |
57 |
|
|
58 |
- mounting encrypted file-systems at boot-time |
- mounting encrypted file-systems at boot-time |
59 |
- for interactive key-passphrase, add following at /etc/fstab: |
- for interactive key-passphrase, add following at /etc/fstab: |
60 |
/dev/hda6 <mount-point> <fs-type> defaults,loop=/dev/loop6,encryption=AES256 0 0 |
/dev/hda6 mount-point fs-type defaults,loop=/dev/loop6,encryption=AES256 0 0 |
61 |
|
|
62 |
with this method you have to enter your passphrase at boot-time (when the encrypted fs will be mounted) |
with this method you have to enter your passphrase at boot-time (when the encrypted fs will be mounted) |
63 |
|
|
70 |
# loop device name |
# loop device name |
71 |
LOOPDEV=/dev/loop3 |
LOOPDEV=/dev/loop3 |
72 |
|
|
73 |
PASSPHRASE="<YOUR_PASSPHRASE>" # min 20 characters |
PASSPHRASE="YOUR_PASSPHRASE" # min 20 characters |
74 |
SEED="<YOUR_SEED>" |
SEED="YOUR_SEED" |
75 |
|
|
76 |
case "$1" in |
case "$1" in |
77 |
start) |
start) |