--- jonen/notes/notes_2004-06.twingle 2004/06/02 22:47:22 1.2
+++ jonen/notes/notes_2004-06.twingle 2004/06/14 23:24:39 1.5
@@ -1,6 +1,6 @@
- Debian-stable and AES-loop(crypto-api) file-system encryption(kernel 2.6.x): + Debian-stable/testing and AES-loop(crypto-api) file-system encryption(kernel 2.6.x): - read: http://www.mirrors.wiretapped.net/security/cryptography/filesystems/loop-aes/loop-AES.README http://www.sdc.org/~leila/usb-dongle/readme.html @@ -18,7 +18,10 @@ util-linux (testing) - new packages needed for crypto-swap script: sharutils (uuencode) + - create random passphrase/seed + #: head -c ${LENGTH} /dev/urandom | uuencode -m - | head -n 2 | tail -n 1 - create encrypted fs: + (passphrase need min 20 characters!!) echo ${PASSPHRASE} | losetup -p 0 -e aes-256 ${LOOPDEV} ${DEVICE} - with special seed: echo ${PASSPHRASE} | losetup -p 0 -S ${SEED} -e aes-256 ${LOOPDEV} ${DEVICE} @@ -52,9 +55,9 @@ swapon ${LOOPDEV} #------------------------ crypto-swap end -------------------------------------- - - mounting encrypted file sytems at boot-time + - mounting encrypted file-systems at boot-time - for interactive key-passphrase, add following at /etc/fstab: - /dev/hda6 defaults,loop=/dev/loop6,encryption=AES256 0 0 + /dev/hda6 mount-point fs-type defaults,loop=/dev/loop6,encryption=AES256 0 0 with this method you have to enter your passphrase at boot-time (when the encrypted fs will be mounted) @@ -67,8 +70,8 @@ # loop device name LOOPDEV=/dev/loop3 - PASSPHRASE="WSyPeR1gh07fvoyNZjtxo7Y6F4o=" - SEED="NUmdxSWIbPdYijbdo/0v" + PASSPHRASE="YOUR_PASSPHRASE" # min 20 characters + SEED="YOUR_SEED" case "$1" in start) 
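Review bot: The added generator line in the `-18,7 +18,10` hunk never says what `${LENGTH}` has to be, and the result depends on it. `head -n 2 | tail -n 1` keeps only the first encoded line of the `uuencode -m` output, and base64 yields 4 characters per 3 input bytes, so fewer than 15 bytes gives a passphrase shorter than the 20 characters the next added line demands. If I read the sharutils line length correctly, anything beyond 45 input bytes is also silently dropped. I would add a line next to the command such as `(use LENGTH between 15 and 45; only the first base64 line is kept)`.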
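Review bot: Swapping the `PASSPHRASE` and `SEED` values for placeholders in the `-67,8 +70,8` hunk only cleans the current revision; the earlier values stay readable in the file's revision history. If they were ever used on a real volume they should be treated as disclosed and the volume re-keyed. The script also still keeps the key material in clear text in its own body, so a comment above the two assignments would help, for example `# this file holds the passphrase in clear text: keep it root-owned, mode 700`. The `case "$1"` block continues outside the hunk, so how the values are passed on cannot be checked from here.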
@@ -85,7 +88,34 @@ esac exit 0 #------------------------ prepare-cryptofs.sh end -------------------------------------- + + + + FreeBSD(stable) - port update bugs (06.2004) + BUG: php4 won't comile with e.g. gettext,imap,mcrypt + FIX: Add a '-lc_r' to the libraries php is linked against. + (from http://lists.freebsd.org/pipermail/freebsd-ports/2003-September/004231.html) + - for php4, do: + export LDDFLAGS='-lc_r' + change entries at Makefiles of following ports: + - gettext at /Makefile: + change + LDFLAGS="-L${LOCALBASE}/lib" + to + LDFLAGS="-lc_r -L${LOCALBASE}/lib" + - libxml2 at /Makefile: + change + LDFLAGS="-L${LOCALBASE}/lib" + to + LDFLAGS="-lc_r -L${LOCALBASE}/lib" + - cclient at work/libc-client/Makefile: + change + EXTRALDFLAGS= + to + EXTRALDFLAGS=-lc_r + +
-$Id: notes_2004-06.twingle,v 1.2 2004/06/02 22:47:22 jonen Exp $
+$Id: notes_2004-06.twingle,v 1.5 2004/06/14 23:24:39 jonen Exp $
\ No newline at end of file
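Review bot: `export LDDFLAGS='-lc_r'` in the added FreeBSD section looks like a typo. Every Makefile entry listed below it sets `LDFLAGS`, and an exported `LDDFLAGS` would presumably be ignored by the php4 build, leaving the documented fix without effect. I would write `export LDFLAGS='-lc_r'`, or add a remark if the spelling is intentional. The same section has "comile" for "compile" in the `BUG:` line.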