[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: automating cryptoapi startup & shutdown

Hi,

you can full automate the mount of your crypted filesystems. If you want
to do this, i think you don't need a crypted filesystem ;-)
I mount my crypted homedir with an init-script. Since i use this on my
laptop i haven'd hardcoded anything so it's more difficult for an
thief to figure out the right cipher/keylength/password combination.

I use the following script (RedHat/Conectiva) which you should change to
your type of initscripts :)

------------------------------------------------------------
#!/bin/sh
# chkconfig: 345 91 45
# description: Mount crypted filesystems
#

. /etc/rc.d/init.d/functions

function start ()
{
        cat - <<EOF
        Valid encryptiontypes are: aes blowfish cast5 des des_ede3
                             dfc idea mars rc5 rc6 serpent twofish

EOF
        read -p "Enter your encryptiontype: " ENCRYPTION; echo
        losetup -e $ENCRYPTION /dev/loop0 /home/jschmidt.crypt
        printf "Starting %s: " "crypted filesystems"
        mount /home/jschmidt
        if [ $? -gt 0 ] ; then
                losetup -d /dev/loop0
        else
                umount /home/jschmidt
                fsck.ext3 /dev/loop0
                mount /home/jschmidt
        fi
        daemon true
        echo
}

function stop ()
{
        printf "Stopping %s: " "crypted filesystems"
        daemon umount /home/jschmidt
        echo
        losetup -d /dev/loop0
}

case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  restart)
        stop
        start
        ;;
  *)
        printf "Usage: %s {start|stop|status|restart}\n" "`basename $0`"
        exit 1
esac
exit 0
------------------------------------------------------------

hope this helps

Jochen

On Tue, 11 Jun 2002, Wayne F Davis wrote:
> Hi,
>
> I have the cryptoapi/loop setup and it seems to be working well.  Great
> job!
>
> Now, I want to automate some of the steps (losetup, modules, mount).  What
> is the best way to go about doing this?  I would like to load the modules
> on boot via modules.conf and have the mount command handle the losetup.
> On shutdown, I would like the umounting to handle the losetup.  Is there
> a way to do this easily (via modules.conf & /etc/fstab)?  (I tried a few
> things, but was getting some errors, so I figured I'd ask here.)
>
> Thanks again.
>
>

-- 
--------------------------------------------------------------------
Jochen Schmidt                           jochen.schmidt@millenux.com
Millenux GmbH                                mobile: +49.175.5752483
Lilienthalstraße 2                          phone: +49.711.88770.300
70825 Stuttgart-Korntal                       fax: +49.711.88770.349
      -= linux without limits -=- http://linux.zSeries.org/ =-

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/