« previous next »
Pages: 1 [2]   Go Down

Author Topic: Re: PCLinuxOS KDE 2011.6 is now available for download > encryption  (Read 6027 times)

Offline AS

  • Hero Member
  • *****
  • Posts: 4111
  • Have a nice ... night!
Re: PCLinuxOS KDE 2011.6 is now available for download > encryption
« Reply #15 on: July 05, 2011, 04:58:33 PM »
Quote from: djohnston on July 05, 2011, 04:08:26 PM
Quote from: as on July 05, 2011, 03:06:55 PM
Quote from: gseaman on July 05, 2011, 02:55:11 PM
Any chance when you've finished exploring this topic that you might condense it to a magazine article? ;D

Galen


I was thinking at something like that, provided someone may revise my English!  ;)

AS


AS, I'd be glad to do the edits. Your English is pretty good, actually.


Thank you both,
I will get in touch by PM as soon as ready.

AS
Logged

Offline AS

  • Hero Member
  • *****
  • Posts: 4111
  • Have a nice ... night!
Re: PCLinuxOS KDE 2011.6 is now available for download > encryption
« Reply #16 on: July 05, 2011, 07:00:21 PM »
Going on with testing...

this time had prepared a remastered ISO of the encrypted system, using mylivecd of course, and tried to restore the system on the same hardware. (Please note that nothing is encrypted on the liveCD ISO).

The system originally was made using /dev/sda1 => '/boot' and /dev/sda5 => /dev/mapper/crypt_sda5 => '/'

Booting from the remastered ISO, very early the system ask me the password for the already existing encrypted partition,
I do not think much about and provide the requested password, also because if not the boot doesn't continue.

I choose the direct install, directly from the grub menu, the first step is partitioning, of course 'Custom partitioning',
delete all existent partitions, and then create the /boot, unencrypted, 300 Mb, and the '/', encrypted 30 Gb.

At this point the partitioning fail with a cryptic  :) message: "cryptsetup failed"  ???

Then I reboot again, this time starting the live system instead of the direct installation, and later start the installation from a Konsole, retry the partitioning, failing again with the same cryptic message but this time I have a useful hint from console log:
"device crypt_sda5 already exist".



what does mean all that ? The short story is that when I have remastered the system, the file /etc/crypttab has been copied into the remastered iso, when the liveCD system boot and recognize that file, the system map the devices listed in the file in /dev/mapper/crypt_sdaN, from there the initial password request.
At time of partitioning the system assign /dev/sda1 to '/boot' and /dev/sda5 to '/', sda5 should be encrypted and when diskdrake
try to create /dev/mapper/crypt_sda5 if fails because crypt_sda5 already exist.

I made another remaster excluding the file /etc/crypttab, retry the whole installation and this time was fully successful.

I'm going to request to Texstar to modify the mylivecd program to always exclude the file /etc/crypttab, I believe there is no reason to have that file into the remastered ISO.

In the meantime, if you want to test yourself right now, use mylivecd --nofile ^/etc/crypttab

AS



Logged
Pages: 1 [2]   Go Up
« previous next »