| 19 |
- new packages needed for crypto-swap script: |
- new packages needed for crypto-swap script: |
| 20 |
sharutils (uuencode) |
sharutils (uuencode) |
| 21 |
- create random passphrase/seed |
- create random passphrase/seed |
| 22 |
#: head -c <LENGTH> /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 |
#: head -c ${LENGTH} /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 |
| 23 |
- create encrypted fs: |
- create encrypted fs: |
| 24 |
(passphrase need min 20 characters!!) |
(passphrase need min 20 characters!!) |
| 25 |
echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE} |
echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE} |
| 57 |
|
|
| 58 |
- mounting encrypted file-systems at boot-time |
- mounting encrypted file-systems at boot-time |
| 59 |
- for interactive key-passphrase, add following at /etc/fstab: |
- for interactive key-passphrase, add following at /etc/fstab: |
| 60 |
/dev/hda6 <mount-point> <fs-type> defaults,loop=/dev/loop6,encryption=AES256 0 0 |
/dev/hda6 mount-point fs-type defaults,loop=/dev/loop6,encryption=AES256 0 0 |
| 61 |
|
|
| 62 |
with this method you have to enter your passphrase at boot-time (when the encrypted fs will be mounted) |
with this method you have to enter your passphrase at boot-time (when the encrypted fs will be mounted) |
| 63 |
|
|
| 70 |
# loop device name |
# loop device name |
| 71 |
LOOPDEV=/dev/loop3 |
LOOPDEV=/dev/loop3 |
| 72 |
|
|
| 73 |
PASSPHRASE="<YOUR_PASSPHRASE>" # min 20 characters |
PASSPHRASE="YOUR_PASSPHRASE" # min 20 characters |
| 74 |
SEED="<YOUR_SEED>" |
SEED="YOUR_SEED" |
| 75 |
|
|
| 76 |
case "$1" in |
case "$1" in |
| 77 |
start) |
start) |
Parent Directory
| 
Revision Log
| 
Patch
