
List:       linux-crypto
Subject:    Re: Stealth crypto
From:       Peter_22 () gmx ! de
Date:       2006-04-17 19:39:14
Message-ID: 19462.1145302754 () www064 ! gmx ! net

Hi Michael!

The mail that Venkat mentioned is an answer from Jari to my question on how
to encrypt full systems.
Since that time I have used neither a master boot record nor a partition table on
disk. So this is exactly what you asked for. loop-aes also works with
USB devices for booting, as described in the last example of the readme.
I didn't set up RAID configurations so let me know about your experiences in
this field.

Regards,
Peter


> --- Original Message ---
> From: "Michael Garibaldi" <michaelgari@gmail.com>
> To: "Venkat Manakkal" <venkat@rayservers.com>
> Cc: linux-crypto@nl.linux.org
> Subject: Re: Stealth crypto
> Date: Sun, 16 Apr 2006 03:30:03 +0300
> 
> >
> > for encrypted root. That can be extended for the entire disk if you boot
> > from CDROM or USB using the entire disk /dev/sda for instance.
> >
> 
> This is not very useful, as I'll end up with a bunch of /dev/loop* devices
> then. Those devices would have partition tables in them, and in particular,
> they contain RAID arrays (partition type RAID autodetect). It is difficult
> to keep track of which HDD is which, but if the kernel can autodetect that,
> it'll be a lot easier. That is why I want the kernel to read them as HDDs,
> rather than just provide me some block devices.
> 
> The above is only my solution to the problem. There probably are others
> (that still do things automatically!), but this was the first thing that I
> thought about.
> 
> Example:
> 
> 1. Setup cryptoloops
> /dev/sda = /dev/loop0
> /dev/sdb = /dev/loop1
> /dev/sdc = /dev/loop2
> 2. Let the kernel detect them as HDDs
> /dev/loop0 = HDD => kernel detects partitions
> /dev/loop0-partition1 = RAID-5 md0 disk 2
> /dev/loop0-partition2 = RAID-1 md1 disk 0
> /dev/loop1 = HDD => kernel detects partitions
> /dev/loop1-partition1 = RAID-1 md1 disk 1
> /dev/loop1-partition2 = RAID-5 md0 disk 1
> /dev/loop2-partition2 = RAID-5 md0 disk 0
> 3. The kernel found RAID partitions, so it automatically assembles them:
> /dev/md0 = my RAID-5
> /dev/md1 = my RAID-1
> 4. I can easily mount /dev/md1 as root, etc.
> 
> If the kernel cannot detect them that way, I have serious trouble trying to
> figure out where exactly is each partition, which array it belongs to, etc.
> 


-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
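
An added example, not written by anyone in this thread: when the kernel does not autodetect arrays on decrypted loop devices, each member can still be identified by reading its md superblock, which records the array UUID, RAID level, md minor and the member's slot. It assumes the 0.90 superblock format (the one "RAID autodetect" partitions use) with the field layout from the kernel's md_p.h; `read_md090` and `sample_member` are hypothetical names and the sample image is constructed.

```python
import io
import struct

MD_SB_MAGIC = 0xA92B4EFC       # md_p.h
RESERVED = 64 * 1024           # superblock lives in the last 64 KiB-aligned block
THIS_DISK = 992 * 4            # byte offset of the this_disk descriptor

def sb_offset(dev_size):
    """Byte offset of the 0.90 superblock on a device of dev_size bytes."""
    return (dev_size & ~(RESERVED - 1)) - RESERVED

def read_md090(dev):
    """Return this member's array identity, or None if no superblock is found."""
    size = dev.seek(0, io.SEEK_END)
    if size < 2 * RESERVED:
        return None
    dev.seek(sb_offset(size))
    sb = dev.read(4096)
    if len(sb) < 4096:
        return None
    for endian in "<>":                      # 0.90 is stored in host byte order
        w = struct.unpack_from(endian + "16I", sb, 0)
        if w[0] == MD_SB_MAGIC:
            slot = struct.unpack_from(endian + "5I", sb, THIS_DISK)[3]
            return {
                "uuid": "%08x:%08x:%08x:%08x" % (w[5], w[13], w[14], w[15]),
                "level": w[7], "raid_disks": w[10],
                "md_minor": w[11], "slot": slot,
            }
    return None                              # wrong key or not an md member

def sample_member(size, uuid, level, raid_disks, md_minor, slot):
    """Constructed image standing in for a decrypted /dev/loopN partition."""
    img = bytearray(size)
    off = sb_offset(size)
    struct.pack_into("<16I", img, off, MD_SB_MAGIC, 0, 90, 0, 0, uuid[0], 0,
                     level, 0, raid_disks, raid_disks, md_minor, 0, *uuid[1:])
    struct.pack_into("<5I", img, off + THIS_DISK, slot, 7, slot, slot, 6)
    return io.BytesIO(bytes(img))

if __name__ == "__main__":
    uuid = (0x11111111, 0x22222222, 0x33333333, 0x44444444)   # constructed
    print(read_md090(sample_member(300000, uuid, 5, 3, 0, 2)))
```

A `None` result on a device that should be an array member is also a quick sign that the loop was set up with the wrong key, since the decrypted data will not contain the magic value.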


