--- jonen/notes/notes_2004-06.twingle 2004/06/02 22:47:22 1.2
+++ jonen/notes/notes_2004-06.twingle 2004/06/14 23:20:30 1.4
@@ -1,6 +1,6 @@
- Debian-stable and AES-loop(crypto-api) file-system encryption(kernel 2.6.x):
+ Debian-stable/testing and AES-loop(crypto-api) file-system encryption(kernel 2.6.x):
- read:
http://www.mirrors.wiretapped.net/security/cryptography/filesystems/loop-aes/loop-AES.README
http://www.sdc.org/~leila/usb-dongle/readme.html
@@ -18,7 +18,10 @@
util-linux (testing)
- new packages needed for crypto-swap script:
sharutils (uuencode)
+ - create random passphrase/seed
+ #: head -c /dev/urandom | uuencode -m - | head -n 2 | tail -n 1
- create encrypted fs:
+ (passphrase need min 20 characters!!)
echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE}
- with special seed:
echo ${PASSPHRASE} | losetup -p 0 -S ${SEED} -e aes-256 ${LOOPDEV} ${DEVICE}
@@ -52,7 +55,7 @@
swapon ${LOOPDEV}
#------------------------ crypto-swap end --------------------------------------
- - mounting encrypted file sytems at boot-time
+ - mounting encrypted file-systems at boot-time
- for interactive key-passphrase, add following at /etc/fstab:
/dev/hda6 defaults,loop=/dev/loop6,encryption=AES256 0 0
@@ -67,8 +70,8 @@
# loop device name
LOOPDEV=/dev/loop3
- PASSPHRASE="WSyPeR1gh07fvoyNZjtxo7Y6F4o="
- SEED="NUmdxSWIbPdYijbdo/0v"
+ PASSPHRASE="" # min 20 characters
+ SEED=""
case "$1" in
start)
@@ -85,7 +88,34 @@
esac
exit 0
#------------------------ prepare-cryptofs.sh end --------------------------------------
+
+
+
+ FreeBSD(stable) - port update bugs (06.2004)
+ BUG: php4 won't comile with e.g. gettext,imap,mcrypt
+ FIX: Add a '-lc_r' to the libraries php is linked against.
+ (from http://lists.freebsd.org/pipermail/freebsd-ports/2003-September/004231.html)
+ - for php4, do:
+ export LDDFLAGS='-lc_r'
+ change entries at Makefiles of following ports:
+ - gettext at /Makefile:
+ change
+ LDFLAGS="-L${LOCALBASE}/lib"
+ to
+ LDFLAGS="-lc_r -L${LOCALBASE}/lib"
+ - libxml2 at /Makefile:
+ change
+ LDFLAGS="-L${LOCALBASE}/lib"
+ to
+ LDFLAGS="-lc_r -L${LOCALBASE}/lib"
+ - cclient at work/libc-client/Makefile:
+ change
+ EXTRALDFLAGS=
+ to
+ EXTRALDFLAGS=-lc_r
+
+
-$Id: notes_2004-06.twingle,v 1.2 2004/06/02 22:47:22 jonen Exp $
+$Id: notes_2004-06.twingle,v 1.4 2004/06/14 23:20:30 jonen Exp $
\ No newline at end of file