From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OEVCb-0003gF-K9 for garchives@archives.gentoo.org; Tue, 18 May 2010 22:23:53 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A3B89E09A1; Tue, 18 May 2010 22:23:46 +0000 (UTC) Received: from borg.medozas.de (borg.medozas.de [188.40.89.202]) by pigeon.gentoo.org (Postfix) with ESMTP id 772DFE09A1 for ; Tue, 18 May 2010 22:23:45 +0000 (UTC) Received: by borg.medozas.de (Postfix, from userid 25121) id 8D381F0C2CFD1; Wed, 19 May 2010 00:23:44 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by borg.medozas.de (Postfix) with ESMTP id 65AD2AC1; Wed, 19 May 2010 00:23:44 +0200 (CEST) Date: Wed, 19 May 2010 00:23:44 +0200 (CEST) From: Jan Engelhardt To: "Stefan G. Weichinger" cc: gentoo-user@lists.gentoo.org, Daniel Troeder , walt , Florian Philipp , Jason Dusek , Till Maas , hanno@gentoo.org Subject: Re: [gentoo-user] Re: Kernel upgrade and now LUKS failure In-Reply-To: <4BF30B74.9090807@xunil.at> Message-ID: References: <4BF108F3.1080304@xunil.at> <4BF299B4.2040306@xunil.at> <4BF2C6A7.6040607@xunil.at> <4BF2E336.8030106@xunil.at> <4BF2EB88.8010403@xunil.at> <4BF2F5DA.7090808@xunil.at> <4BF30B74.9090807@xunil.at> User-Agent: Alpine 2.01 (LSU 1266 2009-07-14) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Archives-Salt: 8cc40db9-e2c7-492e-bdf0-0bdc19b3cc05 X-Archives-Hash: 49c8b1f7f7d89ded5d1f355ad3c7a41b On Tuesday 2010-05-18 23:49, Stefan G. Weichinger wrote: >> # ./mount.crypt -vo >> keyfile=t-crypt.key,fsk_cipher=aes-256-cbc,fsk_hash=md5 /dev/loop94 >> /mnt command: 'readlink' '-fn' '/dev/loop94' command: 'readlink' >> '-fn' '/mnt' Password: mount.crypt(crypto-dmc.c:144): Using >> _dev_loop94 as dmdevice name command: 'mount' '-n' >> '/dev/mapper/_dev_loop94' '/mnt' # df /mnt Filesystem >> 1K-blocks Used Available Use% Mounted on /dev/loop94 >> 62465 5365 53875 10% /mnt >> >> Match? > >Frankly: dunno ;-) >Yes, I am able to follow and understand in general so far ... but ... Right now it's more a case of "let's do it and compare results" than having to thoroughly understand when and where cryptsetup chops off a byte and pads another. That went fine, up to ># mount the new fs >mount /dev/mapper/newhome /mnt/gschwind >all this worked OK so far, but not with pam_mount. >OK? OK, but don't stop there. pam_mount really just ultimatively runs mount.crypt; and it tells you that it does by means of syslog (with enabled debug=1 of course). command: 'mount.crypt' '-ofsk.... And that is what you can run from shell, which eliminates pam_mount from the path and only leaves the usual suspects. Keep on it, marine! >Assuming that "I am too stupid": Where is the how-to-do-it? >So far the only thing I really understood "You are doing it wrong". >But where is the "Do it this way and you are safe" ? http://archives.gentoo.org/gentoo-user/msg_e80d6e5a662b7595a2a8a70a0fa166dd.xml was basically it: pmt-ehd and you're safe. Short of the current ...missing feature though, mentioned in that same mail.