From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-140950-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 11FCD138010
	for <garchives@archives.gentoo.org>; Mon,  3 Sep 2012 20:58:24 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 225B021C0D0;
	Mon,  3 Sep 2012 20:57:19 +0000 (UTC)
Received: from mout.web.de (mout.web.de [212.227.15.3])
	by pigeon.gentoo.org (Postfix) with ESMTP id 43855E07D7
	for <gentoo-user@lists.gentoo.org>; Mon,  3 Sep 2012 20:52:55 +0000 (UTC)
Received: from 3capp-webde-bs27.server.lan ([172.19.170.27]) by
 mriweb.server.lan (mriweb001) with ESMTPA (Nemesis) id
 0MNh8W-1TFlS01uHa-006dEc for <gentoo-user@lists.gentoo.org>; Mon, 03 Sep 2012
 22:52:54 +0200
Received: from [94.221.159.125] by 3capp-webde-bs27.server.lan with HTTP;
 Mon Sep 03 22:52:54 CEST 2012
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Message-ID: <trinity-1427fe2b-18a7-4306-82e8-b93e0601cea7-1346705574397@3capp-webde-bs27>
From: =?UTF-8?Q?=22Roland_H=C3=A4der=22?= <r.haeder@web.de>
To: gentoo-user@lists.gentoo.org
Subject: Aw: Re: [gentoo-user] dm-crypt + ext4 = where will the journal go?
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Date: Mon, 3 Sep 2012 22:52:54 +0200 (CEST)
In-Reply-To: <504515AC.9060603@binarywings.net>
References: <trinity-d4c8875e-6af1-4873-9151-83c82e7599a8-1346703623543@3capp-webde-bs27>,
 <504515AC.9060603@binarywings.net>
Importance: normal
Sensitivity: Normal
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V01U2FsdGVkX1/RG1F/R9w8djC2Ms7w0yJyJ7taCfOv89/sn9M4PK0Z1ATfyPp+lqKI
 /xCgTd8X+shptR4hqMXsIJwmTrtkPXeVoeZXUqTK3Xn+RPRM2TO4TA==
X-Archives-Salt: cd59f972-6f2d-4cbc-b2c8-bde566ec71db
X-Archives-Hash: 44dbe903f241ae1d3a99f216a69d2247

> You forgot the link to [1].
Already mailed but here again:
http://wiki.gentoo.org/wiki/DM-Crypt

> Never used loop-aes myself. Sorry if I miss the reason for your
> confusion because of it.
http://loop-aes.sourceforge.net

There is the source code. It needs patched util-linux(-ng) package to get working. Also you should not use (crypt-)loop because it conflicts with it (see README inside tar ball). It also provides a really simple swap encryption:

- /etc/fstab -
/dev/blaX       none    swap    sw,loop=/dev/loop0,encryption=AES256,itercountk=100     0       0

This will make sure that everytime you bootup your system a new encryption is setup with an iteration of 100 (still performant enough for most things).

> Opening a dmcrypt volume creates a mapped block device in /dev/mapper.
> You treat it like a partition and format it with ext4. Unless you use
> some exotic flags for mke2fs, the journal will be put on the same block
> device and is encrypted along with the rest of it.
> 
> So: No need to worry about it.
Thank you for the explanation. Maybe it should be added to the wiki?

> 
> Hope this helps,
> Florian Philipp
Sure it does. :)

Roland