[gentoo-user] Encrypting removable media

[gentoo-user] Encrypting removable media

[Matthias Bethke]

[-- Attachment #1: Type: text/plain, Size: 1142 bytes --]

I have a bit of chicken-and-egg problem trying to get encrypted
removable devices to work as "normal" as possible.
Using Loop-AES and a GPG-encrypted key I had no problems encrypting my
external FW drive, but to pass all the options to losetup without
entering them by hand every time, I need an fstab entry. The drive shows
up as /dev/sda, but putting /dev/sda1 there is no good as it would try
to use Loop-AES on *every* external drive. So far I could just use
volume labels in my fstab to distinguish any number of drives---well, I
used to until hald/dbus made that automatic. But now there are no labels
any more as they get encrypted as well.
Has anyone come up with a solution for this yet? I could imagine some
plugin for the hotplug system that checks /proc/scsi/scsi for a certain
model before mounting. Not the cleanest solution either but as my
external drives are different models it would work for me. I don't have
much of a clue about the hotplug system though...

regards
	Matthias
-- 
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0  8DEF 48D9 1700 FAC3 7665

[-- Attachment #2: Type: application/pgp-signature, Size: 191 bytes --]

Re: [gentoo-user] Encrypting removable media

[Etaoin Shrdlu]

On Friday 24 February 2006 15:18, Matthias Bethke wrote:

> I have a bit of chicken-and-egg problem trying to get encrypted
> removable devices to work as "normal" as possible.
> Using Loop-AES and a GPG-encrypted key I had no problems encrypting my
> external FW drive, but to pass all the options to losetup without
> entering them by hand every time, I need an fstab entry. The drive
> shows up as /dev/sda, but putting /dev/sda1 there is no good as it
> would try to use Loop-AES on *every* external drive. So far I could
> just use volume labels in my fstab to distinguish any number of
> drives---well, I used to until hald/dbus made that automatic. But now
> there are no labels any more as they get encrypted as well.
> Has anyone come up with a solution for this yet? I could imagine some
> plugin for the hotplug system that checks /proc/scsi/scsi for a
> certain model before mounting. Not the cleanest solution either but as
> my external drives are different models it would work for me. I don't
> have much of a clue about the hotplug system though...

With udev you can create hardware-specific devices (meaning you can have 
a device in /dev that corresponds exactly to some particular hard disk), 
based on various hardware-specific information (eg, manufacturer name or 
device id and many others) See 
http://www.reactivated.net/writing_udev_rules.html
for the details.
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] Encrypting removable media

[Matthias Bethke]

[-- Attachment #1: Type: text/plain, Size: 684 bytes --]

Hi Etaoin,
on Friday, 2006-02-24 at 15:42:39, you wrote:
> With udev you can create hardware-specific devices (meaning you can have 
> a device in /dev that corresponds exactly to some particular hard disk), 
> based on various hardware-specific information (eg, manufacturer name or 
> device id and many others) See 
> http://www.reactivated.net/writing_udev_rules.html
> for the details.

Looks like just the ting I need, plus some education :) Thanks very much
for the ultra-speedy reply! Gotta love the Gentoo lists...

cheers!
	Matthias
-- 
I prefer encrypted and signed messages. KeyID: FAC37665
Fingerprint: 8C16 3F0A A6FC DF0D 19B0  8DEF 48D9 1700 FAC3 7665

[-- Attachment #2: Type: application/pgp-signature, Size: 191 bytes --]